Micro-Id-Gym
Description
Micro-Id-Gym (MIG) is a flexible and extensible software suite designed to assist system administrators and security testers in conducting security testing on Identity Management (IdM) protocol implementations. MIG provides both a tool suite for penetration testing and test plans for IdM protocols.
Advantages & Applications
• MIG supports security testers and system administrators in assessing the security of IdM protocol implementations.
• MIG allows users to set up a testing pipeline for conformance verification and vulnerability discovery in Single Sign-On-based implementations.
• MIG can be easily extended to support new protocols and integrated into existing development and testing workflows.
Specifications
• Developed in Java; deployable via Docker for portable multi-service environments.
• Supports OpenID Connect (OIDC), Security Assertion Markup Language 2.0 (SAML), Sistema Pubblico di Identità Digitale (SPID) and Carta d’Identità Elettronica (CIE) OIDC protocols.
• Integrates with Burp Suite for semi-automated penetration testing and generates PDF reports.
Status
TRL 6 – technology demonstrated in relevant environment.