denniskniep / DeviceCodePhishing
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆58Updated this week
Alternatives and similar repositories for DeviceCodePhishing:
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆38Updated 2 months ago
- A Python POC for CRED1 over SOCKS5☆147Updated 6 months ago
- Living off the land searches for explorer and sharepoint☆78Updated 5 months ago
- Automatically create an operation log of your shell! Supports Linux (Bash/Zsh) and Windows (PowerShell/CMD).☆32Updated last month
- ☆88Updated 2 years ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆113Updated 11 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆25Updated 3 months ago
- pysnaffler☆91Updated last month
- Microsoft Graph API post-exploitation toolkit☆94Updated 9 months ago
- Living Off the Foreign Land setup scripts☆67Updated last month
- Deploy a phishing infrastructure on the fly.☆68Updated 4 months ago
- Efflanrs - GUI for Snaffler Output☆26Updated 7 months ago
- 🌩️ Collection of BloodHound queries for Azure☆63Updated 3 months ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆31Updated last year
- ☆71Updated last year
- Parses Snaffler output file and generate beautified outputs.☆93Updated 3 months ago
- ☆43Updated 2 weeks ago
- Example code samples from our ScriptBlock Smuggling Blog post☆89Updated 10 months ago
- A small script that automates Entra ID persistence with Windows Hello For Business key☆56Updated 2 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated this week
- ☆28Updated 3 weeks ago
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆92Updated 2 years ago
- Adversary Emulation Framework☆98Updated 9 months ago
- Hybrid AD utilities for ROADtools☆72Updated 2 months ago
- ☆50Updated 5 months ago
- A C# project that builds a Web Application which redirects all HTTPS☆24Updated 2 months ago
- ☆54Updated 2 months ago
- Get Fine Grained Password Policy☆70Updated last week
- ☆65Updated last year
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆81Updated 7 months ago