
SaaS Testing

Security testing for common SaaS platforms - Slack, Microsoft Teams, Notion, Okta, and other collaboration tools.

Slack

Workspace Enumeration

# Check if workspace exists
curl -s "https://WORKSPACE.slack.com" | grep -i "sign in"

# Find workspaces from email domain
# Some workspaces allow signup from company email

# Enumerate users via Slack API (if you have token)
curl -s "https://slack.com/api/users.list" \
  -H "Authorization: Bearer xoxb-TOKEN"

Token Types

xoxb-* : Bot token (most common in leaks)
xoxp-* : User token (full user permissions)
xoxa-* : App token
xoxs-* : Session token
xoxr-* : Refresh token
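
Added example (not part of the original page): a small scanner a defender can run over config files, repositories or logs to find strings carrying the token prefixes listed above, label them by type, and report them redacted. The body pattern after the prefix (10 or more letters, digits and hyphens) is an assumption, since the page only gives the prefixes, and the sample input is constructed.

```python
import re

# Prefix -> label, exactly as listed in the token-type table above.
TOKEN_TYPES = {
    "xoxb": "Bot token",
    "xoxp": "User token",
    "xoxa": "App token",
    "xoxs": "Session token",
    "xoxr": "Refresh token",
}

# Assumption: the body after the prefix is 10+ characters of letters,
# digits and hyphens. The page only specifies the prefixes.
TOKEN_RE = re.compile(r"\b(xox[bpasr])-([A-Za-z0-9-]{10,})")


def redact(token):
    """Keep the prefix and last 4 characters so findings can be triaged safely."""
    prefix, _, body = token.partition("-")
    return f"{prefix}-{'*' * (len(body) - 4)}{body[-4:]}"


def scan(text, source="<input>"):
    """Return one finding per token-shaped string: where it is and what type."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in TOKEN_RE.finditer(line):
            findings.append({
                "source": source,
                "line": lineno,
                "type": TOKEN_TYPES[m.group(1)],
                "redacted": redact(m.group(0)),
            })
    return findings


# Constructed sample input (not real tokens).
SAMPLE = """\
SLACK_BOT_TOKEN=xoxb-CONSTRUCTED-0000-EXAMPLE
# docs mention the xoxb-* prefix but carry no secret
notify(token="xoxp-CONSTRUCTED-1111-SAMPLEXY", channel="#ops")
"""

if __name__ == "__main__":
    for f in scan(SAMPLE, "sample.env"):
        print(f"{f['source']}:{f['line']}: {f['type']} {f['redacted']}")
```

Findings carry only the prefix and the last four characters, so the report itself can be shared in a ticket without re-leaking the secret.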

Token Abuse

Webhook Exploitation

App Misconfigurations

Microsoft Teams

Tenant Enumeration

Token Types

Graph API Abuse

Teams Tab Exploitation

Incoming Webhook Abuse

Notion

Workspace Discovery

Token Abuse

Public Page Enumeration

Okta / Auth0

Tenant Enumeration

User Enumeration

OAuth Misconfigurations

API Token Abuse

Confluence

Enumeration

Exposed Content

Jira

Project Enumeration

Google Workspace

Drive Enumeration

Admin API (if admin)

Common Attack Patterns

Token/Credential Hunting

Phishing via Integrations

Workspace Takeover

Tools
