New pages
Jump to navigation
Jump to search
- 15:44, 9 July 2018 Datenschutz (hist | edit) [7,759 bytes] Hshcvj (talk | contribs) (Created page with "Im Folgenden informieren wir über die Verarbeitung personenbezogener Daten bei Nutzung der Webseite sso-attacks.de. Personenbezogene Daten sind alle Daten, die auf Sie persö...")
- 17:46, 2 February 2016 Certificate Injection (hist | edit) [3,833 bytes] Anna (talk | contribs) (Created page with "=Introduction= =Attack subtypes= =Prerequisites= =Target= =Description= =Mitigation / Countermeasures= =Practical Examples= =References= C. Mainka, V. Mladenov, F. Feld...")
- 16:37, 14 January 2016 Token Recipient Confusion (hist | edit) [5,302 bytes] Anna (talk | contribs) (Created page with "=Attack description= =Attack subtypes= =Prerequisites for attack= =Graphical representation of attack= =Attack example= =Attack mitigation / countermeasures= =Prac...")
- 20:15, 7 January 2016 XML Signature Wrapping (hist | edit) [5,686 bytes] Anna (talk | contribs) (Created page with "=Attack description= =Attack subtypes= =Prerequisites for attack= =Graphical representation of attack= =Attack example= =Attack mitigation / countermeasures= =Prac...")
- 20:35, 8 December 2015 Replay Attack (hist | edit) [5,124 bytes] Anna (talk | contribs) (Created page with "=Attack description= Every [https://en.wikipedia.org/wiki/Single_sign-on SSO] protocol provides freshness parameters ''N'' to limit the reuse and lifetime of the authenticatio...")
- 18:32, 8 December 2015 XSLT Attack (hist | edit) [2,966 bytes] Anna (talk | contribs) (Created page with "=Attack description= ''Extensible Stylesheet Language Tranformation (XSLT)'' is a language for transforming XML documents into other documents, for example, XML, HTML, JSON or...")
- 22:00, 29 November 2015 SAML (hist | edit) [2,877 bytes] Anna (talk | contribs) (Created page with "The most important industry standard for Identity Management is the SecurityAssertion Markup Language (SAML). SAML is based on the [https://en.wikipedia.org/wiki/XML eXtensibl...")
- 20:26, 28 November 2015 XML External Entity Attack (hist | edit) [4,596 bytes] Anna (talk | contribs) (Created page with "=Attack description= XML offers the possibility to describe the document’s structure by using a ''Document Type Definition (DTD)''. Unfortunately, the usage of these feature...")
- 17:45, 22 November 2015 Certificate Faking (hist | edit) [3,347 bytes] Anna (talk | contribs) (Created page with "=Attack description= The cryptographic verification of the digital signature guarantees the integrity of the token. Additionally, it is essential to verify the token’s authe...")
- 21:06, 19 November 2015 Signature Exclusion Attack (hist | edit) [3,138 bytes] Anna (talk | contribs) (Created page with "=Attack description= The integrity of all authentication tokens should be protected. In case of Security Assertion Markup Language (SAML), this is realized by a digital signat...")