Category: WebApp PenTest

Dupe Key Injector

Dupe Key Injector: new XML signature bypass technique

Dupe Key Injector Dupe Key Injector is a Burp Suite extension implementing Dupe Key Confusion, a new XML signature bypass technique presented at BSides/BlackHat/DEFCON 2019 “SSO Wars: The Token Menace” presentation. Dupe Key Confusion...