OAuth Device Code Phishing Toolkit
☆122Feb 6, 2026Updated 2 months ago
Alternatives and similar repositories for squarephish2
Users that are interested in squarephish2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim …☆193Sep 19, 2025Updated 6 months ago
- Terms of Use Conditional Access M365 Evilginx Phishlet☆45Jun 23, 2025Updated 9 months ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 3 months ago
- AzDevRecon is a powerful web-based enumeration tool for offensive security professionals, red teamers, and pentesters targeting Azure Dev…☆29Oct 13, 2025Updated 6 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆51Jul 6, 2025Updated 9 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆205Nov 4, 2025Updated 5 months ago
- Shellcode loader that executes embedded Lua from Rust.☆124Dec 16, 2024Updated last year
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆204Feb 16, 2026Updated 2 months ago
- Python script to leverage MSFT_MTProcess WMI class☆40Sep 17, 2025Updated 6 months ago
- TokenCert☆102Nov 15, 2024Updated last year
- ☆165May 5, 2025Updated 11 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆78Dec 23, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆169Nov 17, 2025Updated 4 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- A small How-To on creating your own weaponized WSL file☆125Jul 23, 2025Updated 8 months ago
- Azure Post Exploitation Framework☆245Oct 27, 2025Updated 5 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆165Dec 7, 2024Updated last year
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- ☆78Jan 1, 2026Updated 3 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Persist like a Dodder☆68May 19, 2025Updated 10 months ago
- PoC XLL builder in Python/Nim☆50Nov 21, 2022Updated 3 years ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations☆63Aug 18, 2025Updated 7 months ago
- Fairy Law - Compromise or disable EDR security solutions☆71Dec 1, 2025Updated 4 months ago
- An App Domain Manager Injection DLL PoC on steroids☆211Dec 14, 2023Updated 2 years ago
- Spoofing desktop login applications with WinForms and WPF☆177Feb 19, 2024Updated 2 years ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆271Nov 12, 2024Updated last year
- ☆49Apr 9, 2025Updated last year
- BOF to steal browser cookies & credentials☆512Mar 4, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Golang Automation Framework for Cobalt Strike using the Rest API☆59Dec 4, 2025Updated 4 months ago
- ☆122Nov 21, 2024Updated last year
- Utilizng an MCP Server to communicate with your C2☆89May 15, 2025Updated 11 months ago
- PowerShell scripts to create sandboxed or vulnerable environments using HyperV and AutomatedLab☆95Mar 12, 2026Updated last month
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆217Updated this week
- Blog/Journal on how to backdoor VSCode extensions☆80Feb 24, 2026Updated last month