Password Spraying ADFS with Burp

As many organizations are moving aggressively towards cloud based platforms, we as Red Teamers are coming more into contact with Federation services. Federations essentially extend authentication mechanisms from one system to another. These systems may be part of the same organization or completely separate. One of the most common implementations of this is Microsoft’s Active Directory Federation Servers (ADFS). For a good overview of securing ADFS, check out adsecurity’s article here. As these services are becoming more popular,

[Read More]