OpenID-Attacker

OpenID-Attacker is a free open source security testing tool for the Single Sign-On Protocol OpenID (https://openid.net/specs/openid-authentication-2_0.html). It is developed by the Chair of Network and Data Security, Ruhr University Bochum (http://nds.rub.de/ ) and the 3curity GmbH (http://3curity.de/ ).

Building

You can build OpenID-Attacker directly from the Github sources. For this purpose, you need:

You procede as follows. You first need to clone OpenID-Attackers sources (you can of course also download a ZIP file):

$ git clone https://github.com/RUB-NDS/OpenID-Attacker.git 

Then you go to the OpenID-Attacker directory and use maven to build and package the files:

$ cd OpenID-Attacker
$ mvn clean package -DskipTests

Afterwards, you are able to go to the runnable directory and execute OpenID-Attacker:

$ cd runnable
$ java -jar OpenID-Attacker-*.jar

Literature