netskopeoss / phish_oauth
POC code to explore phishing attacks using OAuth 2.0 authorization flows, such as the device authorization grant.
☆32Updated 3 years ago
Related projects: ⓘ
- Azure AD RedTeam Full Enumeration Script used to query all aspects of your target Azure tenant.☆68Updated 2 months ago
- A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if …☆80Updated 3 months ago
- A collection of Neo4j/BloodHound queries to collect interesting information.☆45Updated 2 years ago
- Fly into Gophish with One Click (Infra Automation)☆42Updated last year
- Covenant is a collaborative .NET C2 framework for red teamers.☆41Updated 3 years ago
- ☆76Updated 4 years ago
- ☆39Updated 2 months ago
- Modular Enumeration and Password Spraying Framework☆104Updated 5 months ago
- This script is a multi-threaded Okta password sprayer.☆66Updated 8 months ago
- Password Spraying Script detecting current and previous passwords of Active Directory User☆63Updated 3 years ago
- DevOps for Hackers with Hands-On Labs w/ Ralph May (4-Hour Workshop)☆38Updated 3 years ago
- A tool to assist in the development of landing pages for phishing campaigns☆15Updated last year
- ☆35Updated 2 months ago
- HTTP(s) Screenshots for Pen Testers Who Value Their Time☆76Updated this week
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆38Updated last year
- Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.☆47Updated 9 years ago
- ☆68Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆57Updated last year
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"☆50Updated 2 years ago
- ☆50Updated last year
- A cloud-backed password cracking and assessment tool - Sponsored by Open Security☆67Updated last year
- TA505+ Adversary Simulation☆64Updated 3 years ago
- Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information☆72Updated last year
- Bloodhound Portable for Windows☆51Updated last year
- This script gets all accepted domains in Microsoft 365 using autodiscover, gets the tenant name and checks if there is a Microsoft Defend…☆21Updated 3 months ago
- GoldenSAML Attack Libraries and Framework☆64Updated 3 months ago
- ☆73Updated 2 years ago
- Merge multiple nMap xml files into one☆47Updated 5 years ago
- A simple bastion host setup designed for cloud-hosted lab environments.☆28Updated 3 years ago