Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!
banner Expire 25 April 2025
adv ex on 22 February 2024
Kfc Club

Patrick Stash
banner expire at 13 August 2024
BidenCash Shop
banner Expire 10 May 2025
Money Club cc shop
Luki Crown
Wizard's shop 2.0
Trump cc shop
Blackstash cc shop
Yale lodge shop
UniCvv
banner Expire 1 April 2021

O365-Attack-Toolkit - A Toolkit To Attack Office365

Neon Ghost

Neon Ghost

TRUSTED VENDOR
Staff member
Joined
Dec 3, 2020
Messages
2,272

o365-attack-toolkit allows operators to perform an OAuth phishing attack and later on use the Microsoft Graph API to extract interesting information.
Some of the implemented features are :

  • Extraction of keyworded e-mails from Outlook.
  • Creation of Outlook Rules.
  • Extraction of files from OneDrive/Sharepoint.
  • Injection of macros on Word documents.
Architecture



o365-attack-toolkit_1_Architecture.png





The toolkit consists of several components
Phishing endpoint
The phishing endpoint is responsible for serving the HTML file that performs the OAuth token phishing.
Backend services
Afterward, the token will be used by the backend services to perform the defined attacks.
Management interface
The management interface can be utilized to inspect the extracted information from the Microsoft Graph API.
 
You must log in or register to reply here.

Online statistics

Members online
227
Guests online
671
Total visitors
898
Totals may include hidden visitors.

Latest posts

Newest members

Stay Connected

Top Bottom