OAuth Device Code Phishing Attack is a Python script designed for educational purposes to demonstrate a phishing technique using OAuth device code authentication against Office 365. This project aims to raise awareness about the potential risks associated with social engineering attacks.
To run the script, use the following command-line options:
python3 OAuth_Phishing.py [-h] [-m] [-s Sender_email] [-p Sender_password] [-r Recipient_email] [-n Recipient_name]
-h, --help: Show this help message and exit.
-m, --mail: Send a phishing email to the victim.
-s Sender_email, --sender Sender_email: Sender's email address.
-p Sender_password, --passwd Sender_password: Sender's email password. If you are using Gmail, please provide an 'app password' instead.
-r Recipient_email, --receiver Recipient_email: Recipient's email address.
-n Recipient_name, --name Recipient_name: Recipient's name.
- Clone the repository:
git clone https://github.com/Vishal-Raj007/OAuth-Device-Code-Phishing.git
cd OAuth-Device-Code-Phishing
- Install dependencies:
pip3 install -r requirements.txt
- Run the script:
python3 OAuth_Phishing.py
Contributions are welcome! If you find any issues or want to enhance the project, feel free to open an issue or submit a pull request.
This project is licensed under the MIT License.
For any questions or suggestions, feel free to reach out:
Author: Vishal Raj
Email: vishalraj.infosecpro@gmail.com