This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆198Sep 19, 2025Updated 7 months ago
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆139Nov 17, 2025Updated 5 months ago
- OAuth Device Code Phishing Toolkit☆122Apr 18, 2026Updated last week
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆399Sep 26, 2025Updated 7 months ago
- ☆290Aug 14, 2025Updated 8 months ago
- Initial Access and Post-Exploitation Tool for Entra ID and M365 with a browser-based GUI☆1,278Apr 13, 2026Updated 2 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Cobalt Strike BOF for evasive .NET assembly execution☆317Mar 31, 2025Updated last year
- Azure Post Exploitation Framework☆246Oct 27, 2025Updated 6 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆575Nov 23, 2025Updated 5 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆307Mar 28, 2026Updated last month
- Automated Evilginx phishlet creator Extension for Burpsuite☆67Jan 10, 2025Updated last year
- Azure JWT Token Manipulation Toolset☆730Dec 6, 2024Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Abusing Azure services over C2☆370Jan 20, 2026Updated 3 months ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated 2 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- SOCKS5 proxy tool that uses Azure Storage services as a means of communication.☆349Mar 21, 2026Updated last month
- Reaping treasures from strings in remote processes memory☆286Feb 8, 2025Updated last year
- ☆65Mar 15, 2024Updated 2 years ago
- Ghosting-AMSI☆235Apr 24, 2025Updated last year
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆139Dec 7, 2025Updated 4 months ago
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆416Apr 12, 2026Updated 2 weeks ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆349Nov 19, 2024Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆264Feb 21, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 10 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆284Sep 18, 2024Updated last year
- BOF with Synthetic Stackframe☆244Oct 30, 2025Updated 6 months ago
- GenZ Shellcode Generator to execute commands with winExec API☆22Apr 27, 2025Updated last year
- A BloodHound collector for Microsoft Configuration Manager☆399Jul 7, 2025Updated 9 months ago
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆366Apr 8, 2026Updated 3 weeks ago
- .NET assembly loader with patchless AMSI and ETW bypass☆379Apr 19, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Parses Snaffler output file and generate beautified outputs.☆142Jan 4, 2026Updated 3 months ago
- ☆163Apr 17, 2024Updated 2 years ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆398Jan 23, 2025Updated last year
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆103Jul 9, 2025Updated 9 months ago
- Python3 utility for creating zip files that smuggle additional data for later extraction☆269May 15, 2025Updated 11 months ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆427Apr 18, 2026Updated last week
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 10 months ago