-
Pavel Břoušek authoredPavel Břoušek authored
saml-request-init.yaml 757 B
id: saml-request-init
info:
name: SAML signature check using request initiation endpoint
author: T&I Incubator
description: Scan SAML SPs for SAML signature validation problems and vulnerabilities
severity: high
workflows:
- template: workflow/saml-detect-request-init-endpoint.yaml
subtemplates:
- template: workflow/saml-signature-request-init-raw.yaml
# unfortunatelly it seems that is not possible to combine matchers and shared execution context like this:
#matchers:
#- name: hasspinitendpoint
#subtemplates:
#- template: nuclei-templates/saml-signature-request-init-raw.yaml
#subtemplates:
# - template: nuclei-templates/saml-signature-request-init-invalid-signatures.yaml