denniskniep / DeviceCodePhishingLinks
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆141Updated last month
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
Sorting:
- A Python POC for CRED1 over SOCKS5☆149Updated 8 months ago
- Living off the land searches for explorer and sharepoint☆83Updated last month
- ☆203Updated last year
- Hybrid AD utilities for ROADtools☆74Updated last week
- OAuth Device Code Phishing Toolkit☆60Updated last month
- ☆151Updated 4 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆115Updated last year
- ☆61Updated 4 months ago
- pysnaffler☆99Updated 2 months ago
- ☆191Updated 8 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆231Updated 2 weeks ago
- Parses Snaffler output file and generate beautified outputs.☆100Updated 4 months ago
- ☆219Updated 7 months ago
- Azure Post Exploitation Framework☆199Updated 3 months ago
- ☆117Updated 2 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆223Updated last month
- ☆80Updated 10 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 3 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆173Updated 9 months ago
- Adversary Emulation Framework☆108Updated 10 months ago
- ☆162Updated 2 weeks ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆115Updated 2 months ago
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆176Updated last month
- C2 Infrastructure Automation☆101Updated 2 months ago
- ☆136Updated last month
- ☆50Updated last week
- ☆151Updated 3 months ago
- ☆90Updated last month
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆170Updated 2 weeks ago
- Tool for Active Directory Certificate Services enumeration and abuse☆161Updated last month