denniskniep / DeviceCodePhishingLinks
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the authentication page. No authentication method, not even FIDO, is able to protect against this type of attack.
☆171Updated 4 months ago
Alternatives and similar repositories for DeviceCodePhishing
Users that are interested in DeviceCodePhishing are comparing it to the libraries listed below
Sorting:
- A Python POC for CRED1 over SOCKS5☆159Updated 11 months ago
- Python utility that generates "imageless" QR codes in various formats☆127Updated last year
- OAuth Device Code Phishing Toolkit☆85Updated 2 weeks ago
- Group Policy Objects manipulation and exploitation framework☆243Updated 3 weeks ago
- pysnaffler☆102Updated 3 weeks ago
- ☆211Updated 3 months ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)☆192Updated 11 months ago
- ☆212Updated last year
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆159Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆116Updated last year
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆180Updated last year
- Parses Snaffler output file and generate beautified outputs.☆107Updated 7 months ago
- Living off the land searches for explorer and sharepoint☆90Updated 4 months ago
- ☆161Updated 7 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆265Updated 2 months ago
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆44Updated 2 months ago
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆132Updated last month
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆241Updated last week
- Azure Post Exploitation Framework☆213Updated last week
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆180Updated 2 years ago
- ☆114Updated 2 months ago
- Hybrid AD utilities for ROADtools☆89Updated 3 months ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆125Updated 3 weeks ago
- ☆71Updated last month
- PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph☆236Updated last week
- Automating the MITM attack on WSUS☆265Updated 2 months ago
- Adversary Emulation Framework☆123Updated 2 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆140Updated last year
- Fast context enumeration for newly obtained Active Directory credentials.☆64Updated 3 weeks ago
- Malware As A Service☆135Updated last year