optiv / Microsoft365_devicePhishView external linksLinks
A proof-of-concept script to conduct a phishing attack abusing Microsoft 365 OAuth Authorization Flow
☆104Aug 17, 2021Updated 4 years ago
Alternatives and similar repositories for Microsoft365_devicePhish
Users that are interested in Microsoft365_devicePhish are comparing it to the libraries listed below
Sorting:
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- (kinda) Malicious Outlook Reader☆138Mar 3, 2021Updated 4 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 4 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆18Jul 2, 2021Updated 4 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- User enumeration with Microsoft Teams API☆175Jul 9, 2021Updated 4 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆153Feb 10, 2023Updated 3 years ago
- Federated Office365 user enumeration based on correlated response trend analysis☆50May 3, 2022Updated 3 years ago
- rustyIron is a tool that takes advantage of functionality within Ivanti's MobileIron MDM solution to perform single-factor authentication…☆44Mar 22, 2021Updated 4 years ago
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆218Jan 30, 2026Updated 2 weeks ago
- An Office365 User Attack Tool☆645Mar 19, 2024Updated last year
- Azure JWT Token Manipulation Toolset☆711Dec 6, 2024Updated last year
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Beacon Object Files for roasting Active Directory☆235Feb 21, 2022Updated 3 years ago
- Extendable payload obfuscation and delivery framework☆146Nov 4, 2022Updated 3 years ago
- Just some random Red Team Scripts that can be useful☆154Jun 28, 2024Updated last year
- A Red Team tool for exfiltrating sensitive data from Confluence pages.☆114Feb 21, 2023Updated 2 years ago
- Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly☆90Sep 30, 2024Updated last year
- Service Enumeration C# .NET Assembly☆59Sep 14, 2021Updated 4 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Generate droppers with encrypted payloads automatically.☆54Nov 16, 2021Updated 4 years ago
- A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean☆12May 5, 2021Updated 4 years ago
- Roast in the Middle☆296Sep 19, 2025Updated 4 months ago
- Just a PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin)☆145Sep 4, 2021Updated 4 years ago
- (kinda) Malicious Outlook Reader☆19Mar 2, 2021Updated 4 years ago
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆106Jun 27, 2024Updated last year
- Self-developed tools for Lateral Movement/Code Execution☆720Aug 17, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Jun 9, 2021Updated 4 years ago
- ☆39May 21, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆93Mar 8, 2023Updated 2 years ago
- Collection of offensive tools targeting Microsoft Azure☆217Jan 18, 2023Updated 3 years ago
- Python3 o365 User Enumeration Tool☆562Jan 28, 2026Updated 2 weeks ago
- Maximizing BloodHound. Max is a good boy.☆531Apr 25, 2025Updated 9 months ago
- ☆48Nov 18, 2020Updated 5 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- Firebase Domain Front Code☆21May 4, 2021Updated 4 years ago