← LibraryTechnique entry
SAAS-GH-OAUTH-DEVCODEInitial Access
GitHub OAuth Device-Code Phishing
Initiate device-flow against github.com/login/device, send code to victim — receive an access token with the granted scopes.
§ Where this technique fits
SAAS-GH-OAUTH-DEVCODE is catalogued under the Initial Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.