Microsoft365_devicePhish
Phishing attack tool
A tool designed to demonstrate a vulnerability in Microsoft's OAuth Authorization Flow for phishing attacks
A proof-of-concept script to conduct a phishing attack abusing Microsoft 365 OAuth Authorization Flow
94 stars
11 watching
25 forks
Language: Python
last commit: over 3 years ago
Linked from 1 awesome list
teamssix/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 secureworks/phishinsuits | Demonstrates how to create an OAuth Device Code Phishing attack by exploiting configuration gaps in the device authorization flow. | 99 |
 octoberfest7/teamsphisher | A tool designed to send phishing messages and attachments to Microsoft Teams users | 1,039 |
 emalderson/thephish | An automated email analysis tool that uses machine learning and API integrations to identify phishing emails | 1,165 |
 mandiant/reelphish | A tool designed to test the effectiveness of phishing defenses by simulating real-time two-factor phishing attacks. | 509 |
 mdsecactivebreach/o365-attack-toolkit | A toolkit for simulating phishing attacks on Office 365 accounts | 1,043 |
 gemgeorge/sniperphish | A web-based phishing toolkit designed to simulate real-world attacks for security testing and awareness training. | 561 |
 logrhythm-labs/pie | A framework that detects and responds to phishing attacks by analyzing email contents, attachments, and links. | 180 |
 alteredsecurity/365-stealer | A phishing simulation tool that automates illicit consent grant attacks on Azure AD using Python3 and PHP. | 458 |
 timwhitez/doge-xss-phishing | A tool designed to automate cross-site scripting (XSS) phishing attacks using PHP and JavaScript. | 269 |
 zerofox-oss/phishpond | A tool for analyzing phishing kits in a contained environment | 44 |
 sebastian-mora/awsssome_phish | A tool for simulating phishing attacks on AWS SSO using a serverless architecture and automated deployment. | 31 |
 thewhiteh4t/pwnedornot | Tool to identify compromised email addresses and their potential password matches from publicly available data sources. | 2,257 |
 m1nl/pompa | A fully featured spear-phishing toolkit web frontend. | 50 |
 yaxser/sharpphish | This tool creates convincing phishing emails using Outlook COM objects to test an O365 module | 152 |
 raikia/fiercephish | A tool for managing phishing campaigns and simulating email attacks. | 1,327 |