denniskniep / DeviceCodePhishing
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆127Updated 3 weeks ago
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
Sorting:
- A Python POC for CRED1 over SOCKS5☆149Updated 7 months ago
- ☆202Updated last year
- Living off the land searches for explorer and sharepoint☆82Updated 3 weeks ago
- Weaponizing DCOM for NTLM Authentication Coercions☆219Updated last month
- Adversary Emulation Framework☆98Updated 9 months ago
- ☆74Updated last week
- Weaponizing DCOM for NTLM Authentication Coercions☆140Updated last month
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆115Updated last year
- ☆217Updated 7 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆220Updated this week
- ☆42Updated last month
- OAuth Device Code Phishing Toolkit☆56Updated 3 weeks ago
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆139Updated 9 months ago
- pysnaffler☆95Updated 2 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆144Updated 3 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆173Updated 8 months ago
- Tool for viewing NTDS.dit☆163Updated 2 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆139Updated 9 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆89Updated 2 weeks ago
- ☆150Updated 3 months ago
- Azure Post Exploitation Framework☆197Updated 2 months ago
- Living Off the Foreign Land setup scripts☆68Updated 2 months ago
- Hybrid AD utilities for ROADtools☆74Updated 3 months ago
- Parses Snaffler output file and generate beautified outputs.☆96Updated 3 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆112Updated last month
- ☆80Updated 9 months ago
- Tool for Active Directory Certificate Services enumeration and abuse☆161Updated 3 weeks ago
- Malware As A Service☆132Updated last year
- ☆117Updated last month
- ☆57Updated 3 months ago