saml-sso-assertion-attacks
OfficialDetect SAML assertion validation flaws
Authoryaklang
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill provides a focused playbook to identify and validate weaknesses in SAML-based SSO assertion handling, covering signature coverage, audience/recipient checks, ACS handling, XML parser trust boundaries, and IdP/SP confusion that can lead to unauthorized access.
Core Features & Use Cases
- Signature coverage inspection: Determine which XML nodes are signed and detect wrapping or misplaced signatures.
- Audience, recipient, and ACS validation tests: Check Destination, Recipient, and ACS enforcement and identify weak or missing checks.
- Replay, freshness, and issuer trust checks: Validate InResponseTo, NotBefore/NotOnOrAfter handling and issuer/tenant trust assumptions.
- Use Case: During a penetration test or bug bounty assessment, capture a SAML login flow, analyze signed nodes and account-mapping attributes, and attempt assertion placement or issuer confusion attacks to verify whether the SP accepts malicious or malformed assertions.
Quick Start
Capture a full SAML login round-trip, inspect which XML nodes are signed and whether audience/recipient and ACS validations are enforced, and list exploitable assertion validation issues.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: saml-sso-assertion-attacks Download link: https://github.com/yaklang/hack-skills/archive/main.zip#saml-sso-assertion-attacks Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.