BSides talks featuring maraki1982

Open-source post-exploitation toolkit for OAuth2 phishing that crafts malicious Microsoft/Google authorization URLs to harvest access tokens and exfiltrate emails and files from compromised cloud accounts