BYPASSING SAML AUTHENTICATION FOR BEGINNERS!

00:50 What is SAML
01:22 Flow of SAML
01:51 SAML Response
02:30 Signature in SAML
02:57 Bugs
03:16 Signature Not Checked
04:28 Signature only Checked When Exists
06:32 Comment Injection
07:49 SAML Reply & XXE
😊

Thanks for the video! I really like the speed of it - no unnecessary content, straight to the point. 👍

Amazing content really impressed! Concise and straight to the point. Keep it up!

I think there is one error in this video, she said Google return back SAML response to youtube but graph showed, it returned to User. ? 1:44

Nice explanation. Keep posting

Excellent video! Thank you.

Great... very well explained.. looking for more videos.. thanks for your contribution ❤️

Fallen love with you farah😍😍

Good Explanation..!! Keep Going Farah..

Great explanation. Keep posting videos like this and contributing to community.

So, you have to know one username password pair for these attacks to work? The first 2 attacks.

Great explanation. Keep posting. Could you also make a video about making our own vulnerable labs? It will be helpful. Thank you.

Good explanation can share us what website you took as an example and we'll practice

Thanks Farah! very informative and straight forward :)

Way of explaining is really good...

Please make a video on AWS Pentesting

Another informative video, great content Farah

Could you bring forward some more labs with SAML?

Mam what happened if we change host header and given header pass in Realystate

Super good and simple explained. Keep posting

Thanks for the great content, where do i get the lab?, Thanks in advance.

Thanks for this video Farah👍🏻 Subscribed

Can someone share the SAML labs which was mentioned in this Video ? Thankyou

Thanks for pentest lab giveaway it will help me learn more 😊

Nice but.... Can you teach RCE attack with Practical... Rather than Bwapp or other such practice websites.

please make video on Buffer Over Flow in detail and lab also.

Thank you for dropping the knowledge Farah. -Sage

excellent. Quick and precise.

Hello mam we can used saml for one login in php web appplication ?

'll you recommend Apple MacBook air or pro for hacking and coding on virtual box or a Dell laptop

yo, are you still gonna upload videos in the future?

Is it necessary to learn various web technologies like mern or asp.net to find bugs in a web application ?? I have a beginner knowledge in html, css , javascript ,php , and sql

Good work.
Which lab are you using ?

How to setup this lab for practice, kindly please show the lab setup also next time

Thank you so much very good explanation

As always great content. I'll watch your GraphQL video, it is nice

It's Royal Infosec ✌️. #Royal Background

make some video to start on hacker1 or synack with live hunt

Great, please make a series on web app penetration testing.

How can I access the Lab?

hi Farah iam a network engineer want switch my career path to infosec where should i start i dnt have knowledge in coding where should i start

Hey how many bounties you have ever got ? Just asking

Mam where u get this sso lab

Hello, I am an Arab. I like your video very much. I hope you can add subtitles next time

Mash Allah nice and great way to explain

Thank you so much mam

Very good explanation and great content
You are really amazing... ;)

great work @farah_hawa

can i get this lab, give me link

Is the sig value necessary?

Like your vedios .. But I would love if you also focus On system hacking and Android Security and Network attacks too. Because all of it is what is in demand in CyberSec right now.. App exploitation and Server Hacking too...
Website hacking is really asaan Sister...

thank you so much Farah for great explanations. I watch every video of yours. ♥
Keep updating and keep posting great content.

Are you use hackthebox lap

Since how many years you are in this field?

Why do you not accept linkedin request ?

Hey From Where should I start if I'm Totally Beginner. I'm in 2nd year of clg.

Which brup extension u use to check assertion and signature value?

Nice explanation 👍

Best explanation With Lab. 🤗

Nice explanation.

teaching or reading like a news reader ? :)

Great explaination

thanks for reducing music volume. more concentrated now.

Best explanation thanks

You nailed it 🏁

had u learnt
ccna
ccnp
ccie

Best explanation ever 💯💯👌. Thanks for sharing one another attack tutorial with us.

Can i use integrity while i am ouy of europe

Can you share this Lab ?

i wana learn a English like you
can you teach me plzzz
plzzz reply
love you my inspiration @FarahHawa

This is really amazing one.. keep uploading things ... and 😅 Btw what happened to your eyes dhidhi .. take a healthy sleep .. !!

Thanks for the video

great explaination farah ... just tell me there are most of the websites that uses jwt based auth right ? so is saml is also used that much ??

sister there are distortions in the sides of video , anyways awesome video ::))

Helpful

Good job

Wow thanks so so much

Age?

one suggestion Speak little slow while preparing videos,felt little faster.but concepts are good.

Nice explanation watched almost all your videos...(A suggestion: You can smile a little while speaking or in introduction)

Nice!!!!

Now i can get more bounties

Thanks

i think you didnt fully understood the comment injection xD

That’s great

How come you post the exact content which I want to know about

ahh Security Waring caught it

😘😘😘😘

Your pretty

Hindi me video kyu nahi banate aap

For a god shake please start making courses . you're too good ;)

One humble feedback, I found your speed of talking a bit too much to understand what you are talking about, may be u can try to speak at a bit alow pace..

Ma'am can you please crack my cap file I want to use neighborhoods wifi

🔥🔥🔥

Thanks a lott mam! I hope you will fulfill the gap between what we get and what we want ! Liked and Subbed....

💘

Very impressed i love you so cute 😘 🥰

thanks