WRITEUP #870

SAMLjacking a poisoned tenant

Tags: OAuth, SAMLjacking, SAML, SSO, Supply chain attack, Cloud
by Luke Jennings
Program: -
Published: Aug 17, 2023
Added to HackDex: Sep 5, 2023
Read Full Writeup: https://pushsecurity.com/blog/samljacking-a-poisoned-tenant/