Series Layout and Strategy

Article 1: Build Your Own SAML Identity and Relying Party

Goal: Set up a working SAML flow you control.
Deliverables:
- Dockerized IdP and SP (e.g., using SAMLtest IdP alternatives like simplesamlphp).
- A basic browser-accessible SP endpoint that consumes SAML assertions.

Article 2: Parsing and Re-signing SAML Assertions

Goal: Use Python to read SAML, manipulate it, and re-sign it.
Tools: lxml, xmlsec, signxml, or pyXMLSecurity.

Article 3: XML Signature Wrapping (XSW) Attacks

Goal: Write Python code to automate classic XSW variants.
Variants: Enveloped, Enveloping, Detached Signature Injections.

Article 4: Token Replay and Assertion Forgery

Goal: Replay stolen assertions, modify them, and observe effects.
Bonus: Use timestamp manipulation, missing audience, or bad NotBefore/NotOnOrAfter ranges.

Article 5: Detection and Mitigation

Goal: Show how to detect broken XML structures and invalid signatures.
Extras: YARA rules, WAF patterns, Open Policy Agent rules.

Bonus Article: Browser Automation for Attack Flow

Goal: Automate logins, replay flows using Selenium or Playwright.

Your First Assignment: Part 1 — Minimal SAML Lab Setup

Goal:

Create a SAML lab with:

One Identity Provider (IdP) you control
One Service Provider (SP) that accepts logins

Requirements:

Use Docker Compose or manual setup
IdP options:
- simplesamlphp
- Keycloak with SAML support
SP:
- Your own simple Flask app using python3-saml or a known vulnerable SP
Output:
- Metadata files (IdP and SP)
- A successful login flow (you can simulate user login with hardcoded credentials or default users)

You should produce:

Dockerfiles / docker-compose.yml (if used)
SAML metadata for both SP and IdP
Screenshot or description of successful SSO flow

Let me know if you want a lightweight setup (e.g., Flask + python3-saml + mock IdP) or something more real-world (e.g., Keycloak + real SP). Once you’re done, share your code and setup, and we’ll review together before moving to Part 2.

Would you like me to generate a basic scaffold for the Flask SP and IdP metadata files to speed up your start?

PreviousSAML NextOSWE Course

Last updated 6 months ago

hashtagArticle 1: Build Your Own SAML Identity and Relying Party

hashtagArticle 2: Parsing and Re-signing SAML Assertions

hashtagArticle 3: XML Signature Wrapping (XSW) Attacks

hashtagArticle 4: Token Replay and Assertion Forgery

hashtagArticle 5: Detection and Mitigation

hashtagBonus Article: Browser Automation for Attack Flow

hashtagYour First Assignment: Part 1 — Minimal SAML Lab Setup

hashtagGoal:

hashtagRequirements:

hashtagYou should produce: