Office-node is a proof-of-concept tool demonstrating automated MFA bypass techniques for Microsoft Outlook accounts. The tool utilizes Node.js and Playwright for browser automation to: - Intercept user email inputs - Relay credentials to legitimate Outlook login pages - Monitor server responses - Handle various authentication scenarios including: - Basic email/password authentication - Authenticator OTP verification - Phone number OTP verification The implementation requires ongoing maintenance due to Microsoft's interface changes and security updates.
FEATURES
SIMILAR TOOLS
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Interactive online malware sandbox for real-time analysis and threat intelligence
Generates randomized C2 profiles for Cobalt Strike to evade detection.
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
SharpEDRChecker scans system components to detect security products and tools.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
A digital archive of the internet, allowing users to capture and browse archived web pages.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.