This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆188Sep 19, 2025Updated 5 months ago
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
Sorting:
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆386Sep 26, 2025Updated 5 months ago
- ☆138Nov 17, 2025Updated 3 months ago
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,032Dec 31, 2025Updated 2 months ago
- ☆285Aug 14, 2025Updated 6 months ago
- OAuth Device Code Phishing Toolkit☆111Feb 6, 2026Updated 3 weeks ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- GenZ Shellcode Generator to execute commands with winExec API☆22Apr 27, 2025Updated 10 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆546Nov 23, 2025Updated 3 months ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- Azure JWT Token Manipulation Toolset☆716Dec 6, 2024Updated last year
- BOF with Synthetic Stackframe☆225Oct 30, 2025Updated 4 months ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆60Dec 11, 2024Updated last year
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆102Jul 9, 2025Updated 7 months ago
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆262Feb 21, 2025Updated last year
- Ghosting-AMSI☆224Apr 24, 2025Updated 10 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆393Feb 9, 2026Updated 2 weeks ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆309Feb 16, 2026Updated 2 weeks ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆381Jan 23, 2025Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- A BloodHound collector for Microsoft Configuration Manager☆391Jul 7, 2025Updated 7 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆434Dec 21, 2023Updated 2 years ago
- Parses Snaffler output file and generate beautified outputs.☆136Jan 4, 2026Updated last month
- ☆159Apr 17, 2024Updated last year
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- Python3 utility for creating zip files that smuggle additional data for later extraction☆264May 15, 2025Updated 9 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 11 months ago
- ☆65Mar 15, 2024Updated last year
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆103Jan 9, 2026Updated last month
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year