mfa-bypass
Here are 13 public repositories matching this topic...
A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
-
Updated
Feb 15, 2020 - C#
A professional AiTM Phishing Research Platform simulating legacy vs. modern authentication defenses (FIDO2/WebAuthn). Fully containerized & production-ready.
-
Updated
Jan 22, 2026 - JavaScript
{{OFFODE}} {This is POC of how an attacker automate user's responce and bypass outlook}
-
Updated
Jun 26, 2022 - EJS
Content supporting the DSAG workshop "SAP hacker in a day" 3rd December 2024
-
Updated
Apr 9, 2025 - Shell
ArchPhish is an advanced, Go-based penetration testing framework that bypasses two-factor authentication (2FA) using transparent reverse‑proxy techniques. It enables authorised red teams to assess an organisation's resilience against sophisticated phishing attacks by capturing credentials and session tokens in real time, even from MFA‑protected
-
Updated
May 21, 2026 - Go
Spinex is a high-performance adversary simulation framework designed to demonstrate the lifecycle of a modern phishing attack.
-
Updated
Jul 14, 2026 - Python
Automate OpenVPN TOTP authentication!
-
Updated
Nov 7, 2025 - Python
AiTM phishing case study — MFA bypass demonstration (academic red team exercise, ESME Sudria 2025–2026)
-
Updated
May 26, 2026
An MFA brute forcer to use against inadequately secured MFA solutions.
-
Updated
Feb 10, 2023 - Python
Defender-focused analysis of a Microsoft 365 device-code phishing campaign (OAuth device-authorization abuse, MFA-bypassing) - defanged IOCs, Entra hunting, no live samples.
-
Updated
Jul 12, 2026
Hijack user account through phishing web site with use of helium browser
-
Updated
Nov 13, 2023 - Python
Improve this page
Add a description, image, and links to the mfa-bypass topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the mfa-bypass topic, visit your repo's landing page and select "manage topics."