← LibraryTechnique entry
M365-DEVICE-CODEInitial Access
Device-Code Phishing (Microsoft Identity)
Initiate a device-code flow against login.microsoftonline.com, send the code+URL to the victim — get tokens without a fake login page.
§ Where this technique fits
M365-DEVICE-CODE is catalogued under the Initial Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.