denniskniep / DeviceCodePhishingLinks
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆147Updated 2 months ago
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
Sorting:
- A Python POC for CRED1 over SOCKS5☆149Updated 8 months ago
- ☆206Updated last year
- OAuth Device Code Phishing Toolkit☆61Updated 2 months ago
- pysnaffler☆101Updated 3 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆115Updated last year
- Tool for Active Directory Certificate Services enumeration and abuse☆162Updated 2 months ago
- ☆118Updated 2 months ago
- Living off the land searches for explorer and sharepoint☆87Updated 2 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆147Updated 2 months ago
- ☆137Updated last month
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆201Updated 8 months ago
- ☆219Updated 8 months ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆128Updated 5 months ago
- ☆58Updated 3 weeks ago
- Weaponizing DCOM for NTLM Authentication Coercions☆229Updated 2 months ago
- ☆151Updated 4 months ago
- Adversary Emulation Framework☆114Updated 11 months ago
- Parses Snaffler output file and generate beautified outputs.☆101Updated 5 months ago
- ☆61Updated 5 months ago
- Hybrid AD utilities for ROADtools☆80Updated last month
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆240Updated last week
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆117Updated 2 months ago
- Python utility that generates "imageless" QR codes in various formats☆124Updated 10 months ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆82Updated 9 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 4 months ago
- using graph proxy to monitor teams user presence☆54Updated 11 months ago
- ☆82Updated 10 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆176Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆92Updated last month
- BloodHound PowerShell client☆56Updated 2 months ago