Automatic recognition, processing and attacking of single sign-on protocols with burp suite
نویسندگان
چکیده
SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source Burpsuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
منابع مشابه
A Database for Automatic Persian Speech Emotion Recognition: Collection, Processing and Evaluation
Abstract Recent developments in robotics automation have motivated researchers to improve the efficiency of interactive systems by making a natural man-machine interaction. Since speech is the most popular method of communication, recognizing human emotions from speech signal becomes a challenging research topic known as Speech Emotion Recognition (SER). In this study, we propose a Persian em...
متن کاملDesigning and implementing a system for Automatic recognition of Persian letters by Lip-reading using image processing methods
For many years, speech has been the most natural and efficient means of information exchange for human beings. With the advancement of technology and the prevalence of computer usage, the design and production of speech recognition systems have been considered by researchers. Among this, lip-reading techniques encountered with many challenges for speech recognition, that one of the challenges b...
متن کاملRobust Iris Recognition in Unconstrained Environments
A biometric system provides automatic identification of an individual based on a unique feature or characteristic possessed by him/her. Iris recognition (IR) is known to be the most reliable and accurate biometric identification system. The iris recognition system (IRS) consists of an automatic segmentation mechanism which is based on the Hough transform (HT). This paper presents a robust IRS i...
متن کاملMAN-MACHINE INTERACTION SYSTEM FOR SUBJECT INDEPENDENT SIGN LANGUAGE RECOGNITION USING FUZZY HIDDEN MARKOV MODEL
Sign language recognition has spawned more and more interest in human–computer interaction society. The major challenge that SLR recognition faces now is developing methods that will scale well with increasing vocabulary size with a limited set of training data for the signer independent application. The automatic SLR based on hidden Markov models (HMMs) is very sensitive to gesture's shape inf...
متن کاملA Review on Indian Sign Language Recognition
Automatic Sign Language Recognition is an extensive research area in the field of human computer interaction. Such recognition systems are meant to replace sign language interpreters. With the development of image processing and artificial intelligence techniques, many techniques have been recently developed in this area. Most of the signs in Indian Sign Language (ISL) are double handed and hen...
متن کامل