sp_nuclei_test
nuclei templates for testing SAML service providers.
Requirements
- install newest version of Go
- install nuclei
- set up the conformance IdP
- connect SPs to the conformance IdP (exchange metadata)
Usage
Run against one target:
nuclei -u ACS_URL_HERE -V "ENTITY_ID=ENTITY_ID_HERE" \
-duc -ms -t nuclei-templates/ -nmhe -lna -dka 30 -dt 30
where
- ACS_URL_HERE is the assertion consumer service endpoint URL
- ENTITY_ID_HERE is the entity ID of the SP
It is expected that the SP will return HTTP code 200, 302 or 303 on success and a different HTTP code on failure (e.g. when the SAML response is not signed).
Limitations
- templates are only usable with the conformance IdP
- testing cannot be run in parallel for the same entity ID
- only HTTP-POST binding is currently supported
- nuclei has to be invoked individually for each target (for each entity ID)
- only SPs which accept unsolicited logins (IdP-initiated) can be tested
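Because the templates need a distinct ENTITY_ID per target and must not run in parallel for the same entity ID, testing several SPs means calling nuclei once per SP, strictly one after another. The wrapper below is an added example (not part of this repository) that does exactly that with the command line from the Usage section. It assumes a targets file in a constructed format of one "ACS_URL ENTITY_ID" pair per line, and that nuclei is on PATH (override with NUCLEI_BIN) with the templates in nuclei-templates/ (override with TEMPLATES_DIR).

```shell
#!/bin/sh
# Added example, not part of sp_nuclei_test: run the SAML SP templates
# against several service providers, one SP at a time.
# Assumptions: a targets file with one "ACS_URL ENTITY_ID" pair per line
# (constructed format), nuclei on PATH or given via NUCLEI_BIN, and the
# templates directory from the README (or TEMPLATES_DIR).

NUCLEI_BIN="${NUCLEI_BIN:-nuclei}"
TEMPLATES_DIR="${TEMPLATES_DIR:-nuclei-templates/}"

# Run nuclei once for a single SP, with the flags from the Usage section.
# stdin is redirected from /dev/null so nuclei never reads the targets
# file that the caller's while-loop is consuming.
# Returns nuclei's own exit status.
run_one_sp() {
    acs_url="$1"
    entity_id="$2"
    "$NUCLEI_BIN" -u "$acs_url" -V "ENTITY_ID=$entity_id" \
        -duc -ms -t "$TEMPLATES_DIR" -nmhe -lna -dka 30 -dt 30 </dev/null
}

# Iterate over the targets file sequentially. No backgrounding: the
# templates cannot run in parallel for the same entity ID, and nuclei has
# to be invoked separately for each entity ID anyway.
# Blank lines and lines starting with '#' are skipped.
# Prints a summary and returns the number of SPs whose run failed
# (0 means every SP passed).
run_all_sps() {
    targets_file="$1"
    failed=0
    total=0
    # The "|| [ -n ... ]" keeps a final line without a trailing newline.
    while read -r acs_url entity_id || [ -n "$acs_url" ]; do
        case "$acs_url" in ''|'#'*) continue ;; esac
        total=$((total + 1))
        if run_one_sp "$acs_url" "$entity_id"; then
            echo "OK   $entity_id"
        else
            echo "FAIL $entity_id"
            failed=$((failed + 1))
        fi
    done < "$targets_file"
    echo "$total SP(s) tested, $failed failed"
    return "$failed"
}
```

Usage: `run_all_sps targets.txt`; the exit status is the number of failed SPs, so it can gate a CI job directly. Because the conformance IdP is stateful per entity ID, keep the loop sequential even if the targets file grows; parallelising it is exactly what the Limitations section rules out.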