[security] Notification of new OpenID Connect security testing tool
Junki Yuasa
junki.yuasa at gmail.com
Wed Aug 23 00:02:36 UTC 2023
Dear, all,
I'm Junki Yuasa, a master's student at Nara Institute of Science and
Technology, Japan.
Today, I would like to inform you about OIDC Scenario Based Tester (OSBT),
a new security testing tool for OpenID Connect implementation.
*Overview:*
OIDC Scenario Based Tester (OSBT) is a testing tool designed to allow the
flexible creation of OpenID Connect test scenarios using Python. Writing
and executing individually optimized test scenarios for library
applications can help detect vulnerabilities that occur only under certain
conditions. Using the scenario description library provided by OSBT, it is
possible to programmatically describe browser automation, proxy server
operations, and malicious OpenID provider (Attacker OP) operations. It also
supports integration into CI using GitHub Actions and can be used for
continuous automated security evaluation of library applications.
*Tool URL:*
https://github.com/oidc-scenario-based-tester/osbt
https://github.com/oidc-scenario-based-tester/osbtlib
If you have any questions, please ask me.
I'm very sorry if this email is inappropriate for this mailing list.
Best regards,
===========
Nara Institute of Science and Technology (NAIST)
Laboratory for Cyber Resilience
NAME: Junki Yuasa
EMAIL: junki.yuasa at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20230823/584fe058/attachment.html>
More information about the security
mailing list