SAML IV: Finding the private key by using the certificate in a SAMLResponse

image of exercise SAML IV: Finding the private key by using the certificate in a SAMLResponse
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
SAML IV: Finding the private key by using the certificate in a SAMLResponse

In this video, we explore the SAML IV challenge from the authentication and authorization badge. We demonstrate how to extract a certificate from a SAML Response and determine if the application uses a default certificate and private key to sign the response.

video duration icon05:16 number of views icon893