Skip to content

@mindfuckup mindfuckup released this Apr 1, 2019 · 2 commits to master since this release

This is a bugfix release.

This release fixes the following issues:

  • #35 (SAML messages were not editable in newer Java versions)
  • #14 (Unnecessary console output)

Note:

  • Because the RSyntaxTextArea was replaced with a normal Java Swing JTextArea, no syntax highlighting or text search is available anymore.

Enjoy your SAML testing 🤘

Assets 3

@mindfuckup mindfuckup released this Apr 1, 2019 · 5 commits to master since this release

@pajswigger from PortSwigger fixed a Java version incompatibility issue with OpenJDK 11, that is shipped in the bundled Burp version.

The plugin now works in Java 11.

This fixes the following issues:

Thanks @PortSwigger and @pajswigger!

Assets 3

@mindfuckup mindfuckup released this Sep 19, 2016 · 14 commits to master since this release

We got a pull-request (#13) with the following changes:

  • Bugfix: The XSW diagram had some incorrect graphics. They are now fixed
  • Fixed/improved some unit-tests.

A big thank to @thariyarox!

Assets 3

@mindfuckup mindfuckup released this Aug 22, 2016 · 31 commits to master since this release

  • New feature: Support for SAMLRequest messages (Issue #11)
Assets 3
Aug 11, 2016
Described supported SAML Messages

@mindfuckup mindfuckup released this Aug 22, 2016 · 50 commits to master since this release

New Features

  • New Profile: Web Services Security: SAML Token Profile
    • Now it's possible to manipulate SAML Assertions, which are transmitted in a WS-Security SAML Token Profile.

New Bug

Security Fix

  • Fixed XXE (CWE-611)
    • If someone had installed the extension and intercepted, viewed in HTTP History or used in the Repeater a XML message with XXE in it, the entities were resolved. Every XML message got first parsed to determine if it is a SAMLMessage and if the SAML Raider tab had to be displayed. This issue is now fixed by disabling loading external dtd and disabling external entities.
Assets 3

@RouLee RouLee released this Sep 16, 2015 · 54 commits to master since this release

Two bugfixes for Issue #1

  • Linebreaks are now not removed from an edited message
  • Namespace definition in tags e.g. xmlns:saml="..." are retained in every situation
Assets 3

@mindfuckup mindfuckup released this Jul 22, 2015 · 63 commits to master since this release

This is our first release.

Assets 3
You can’t perform that action at this time.