denniskniep / DeviceCodePhishingLinks
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆179Updated 2 months ago
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
Sorting:
- A Python POC for CRED1 over SOCKS5☆161Updated last year
- pysnaffler☆107Updated 3 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118Updated last year
- Python utility that generates "imageless" QR codes in various formats☆131Updated last year
- OAuth Device Code Phishing Toolkit☆94Updated 3 months ago
- ☆160Updated 10 months ago
- ☆214Updated last year
- ☆227Updated 6 months ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)☆204Updated last year
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆249Updated 2 weeks ago
- ☆169Updated 5 months ago
- Group Policy Objects manipulation and exploitation framework☆280Updated this week
- Weaponizing DCOM for NTLM Authentication Coercions☆275Updated 5 months ago
- Malware As A Service☆135Updated last year
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆144Updated last year
- The DCERPC only printerbug.py version☆179Updated last month
- Parses Snaffler output file and generate beautified outputs.☆111Updated 10 months ago
- A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily☆230Updated 3 weeks ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆128Updated 3 months ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆96Updated last year
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆152Updated 4 months ago
- Tool to enumerate privileged Scheduled Tasks on Remote Systems☆205Updated last week
- Azure Post Exploitation Framework☆242Updated last month
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆163Updated last year
- Generate and Manage KeyCredentialLinks☆179Updated 2 months ago
- Adversary Emulation Framework☆126Updated 5 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆34Updated 2 months ago
- ☆153Updated 8 months ago
- ☆85Updated last week
- ☆229Updated last year