PhishInSuits
Device Phishing Attack
Demonstrates how to create an OAuth Device Code Phishing attack by exploiting configuration gaps in the device authorization flow.
99 stars
4 watching
16 forks
Language: Python
last commit: over 3 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 optiv/microsoft365_devicephish | A tool designed to demonstrate a vulnerability in Microsoft's OAuth Authorization Flow for phishing attacks | 92 |
 sebastian-mora/awsssome_phish | A tool for simulating phishing attacks on AWS SSO using a serverless architecture and automated deployment. | 29 |
 omergunal/pot | Automated phishing attack simulation tool | 251 |
| secureworks/dalton | A system that enables users to test network packet captures against various intrusion detection systems using defined rulesets and/or bespoke rules. | 451 |
 octoberfest7/teamsphisher | A tool designed to send phishing messages and attachments to Microsoft Teams users | 1,031 |
 societe-generale/swordphish-awareness | An application designed to raise awareness of phishing among users by providing a simple way to report suspicious emails. | 220 |
 zerofox-oss/phishpond | A tool for analyzing phishing kits in a contained environment | 43 |
 timwhitez/doge-xss-phishing | A tool designed to automate cross-site scripting (XSS) phishing attacks using PHP and JavaScript. | 269 |
 m1nl/pompa | A fully featured spear-phishing toolkit web frontend. | 49 |
 pentestgeek/phishing-frenzy | A Ruby on Rails tool used to simulate phishing attacks and test email security vulnerabilities | 794 |
 mdsecactivebreach/o365-attack-toolkit | A toolkit for simulating phishing attacks on Office 365 accounts | 1,037 |
 marshyski/sshwatch | An intrusion prevention system that monitors SSH logs to detect and block malicious brute-force attacks. | 46 |
 emalderson/thephish | An automated email analysis tool that uses machine learning and API integrations to identify phishing emails | 1,154 |
 geekshiv/smart-contract-hacking | A collection of resources and information on the topic of smart contract security testing and vulnerabilities. | 235 |
 julioliraup/antiphishing | Creates rules to block phishing attacks by integrating data from community APIs. | 2 |