all InfoSec news
Browserless Entra Device Code Flow
March 6, 2024, 3:17 p.m. | Andy Robbins
Security Boulevard securityboulevard.com
Did you know that it is possible to perform every step in Entra’s OAuth 2.0 Device Code flow — including the user authentication steps — without a browser?
Why that matters:
- Automating authentication flows enables and accelerates comprehensive and ongoing offensive research
- Headless authentication frees red teamers and pentesters from requiring browser or cookie access
- Demonstrating and explaining the automated flow enables future research and tooling by other parties, including automation of other …
authentication azure browser cloud computing cloud security code cybersecurity device entra flow germany headless information technology microsoft oauth oauth 2.0 offensive photo research sbn news
More from securityboulevard.com / Security Boulevard
Understanding Credential Phishing
1 day, 5 hours ago |
securityboulevard.com
Understanding Business Email Compromise (BEC)
1 day, 5 hours ago |
securityboulevard.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC