webinar
GitHub Device Code Phishing: From Research to Real-World Exploitation
While security teams have focused on defending against Azure device code phishing, a new attack vector has emerged that’s flying under the radar. GitHub’s OAuth2 device flow represents an unexplored opportunity that our Red Team has weaponized with incredible effectiveness, achieving over 90% success rates using nothing more than an eight-digit code and a phone call. In recent Fortune 500 engagements, we’ve used this technique to compromise entire development environments, exfiltrate critical intellectual property, and maintain persistent access through OAuth tokens.
During this 30-minute session, our experts will demonstrate the complete attack chain and reveal how attackers can leverage pre-existing and custom OAuth applications to perfectly mimic legitimate corporate tools. Unlike traditional phishing, this technique exploits legitimate authentication flows and bypasses multi-factor authentication entirely. You’ll learn what signs to look for in your audit logs and how to protect your organization before you become the next victim.
During this 30-minute session, our experts will demonstrate the complete attack chain and reveal how attackers can leverage pre-existing and custom OAuth applications to perfectly mimic legitimate corporate tools. Unlike traditional phishing, this technique exploits legitimate authentication flows and bypasses multi-factor authentication entirely. You’ll learn what signs to look for in your audit logs and how to protect your organization before you become the next victim.