Today Tim Guenther, one of our consultants based in Essen, has released a blog post titled 'EsPReSSO a refreshment on the hunt for Single Sign-On'.
Ahead of his talk at OWASP Day Germany 2015 tomorrow Tim shares insight into EsPReSSO, an acronym for Extension for Processing and Recognition of Single Sign-On Protocols.
The Tool is the first attempt to add support to the analysis of the current Single Sign-On (SSO) solutions. EsPReSSO is integrated with PortSwigger's Burp Suite, the famous HTTP Proxy. A common task during the research on SSO is the identification of the underlying protocol.