Published on December 14th, 2015 | by MaxiSoler


[New Tool] SAML Raider v1.1.1 – SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: manipulating SAML messages and managing X.509 certificates.


The extension is divided into two parts: a SAML message editor and a certificate management tool.



Message Editor

Features of the SAML Raider message editor:

  • Sign SAML Messages
  • Sign SAML Assertions
  • Remove Signatures
  • Edit SAML Message
  • Preview eight common XSW Attacks
  • Execute eight common XSW Attacks
  • Send certificate to SAML Raider Certificate Management
  • Undo all changes of a SAML Message
  • Supported Profiles: SAML Web Browser Single Sign-On Profile, Web Services Security SAML Token Profile
  • Supported Bindings: POST Binding, Redirect Binding, SOAP Binding


Certificate Management

Features of the SAML Raider Certificate Management:

  • Import X.509 certificates (PEM and DER format)
  • Import X.509 certificate chains
  • Export X.509 certificates (PEM format)
  • Delete imported X.509 certificates
  • Display information about X.509 certificates
  • Import private keys (PKCS#8 in DER format and traditional RSA in PEM format)
  • Export private keys (traditional RSA key in PEM format)
  • Cloning X.509 certificates
  • Cloning X.509 certificate chains
  • Create new X.509 certificates
  • Edit and self-sign existing X.509 certificates

More Information: here
