Deceptive OAuth 2.0 Consent Screen

Craft a fake OAuth 2.0 consent screen that mimics a legitimate Google service but requests excessive or unusual permissions. Monitor interactions with this screen to identify attackers attempting to trick users into granting unauthorized access.

Fake OAuth 2.0 Server

Goal: To gather information about attackers attempting to exploit OAuth 2.0 vulnerabilities and detect their presence.

Approach: Monitoring access to the fake OAuth 2.0 server and analyzing attacker behavior.

Attackers who attempt to use the fake OAuth 2.0 server for authentication or authorization will be misled, and their actions will be logged.
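
The logging side of such a decoy, as an added example that is not part of the original page: each request is turned into a structured alert record and answered with a generic OAuth error. The /authorize and /token paths, the listening address and the record layout are assumptions; the parameter names are the standard OAuth 2.0 ones.

```python
import json
import logging
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlsplit

# Standard OAuth 2.0 request parameters worth keeping in the alert.
FIELDS = ("client_id", "redirect_uri", "response_type", "grant_type", "state")
# Parameters whose values are secrets: note their presence, never the value.
SECRETS = ("client_secret", "code", "refresh_token", "password")

def describe_request(src_ip, method, target, body=""):
    """Build one alert record for a request that reached the decoy."""
    url = urlsplit(target)
    params = parse_qs(url.query)
    params.update(parse_qs(body))  # token requests arrive form-encoded
    event = {"src_ip": src_ip, "method": method, "endpoint": url.path}
    for name in FIELDS:
        event[name] = params.get(name, [None])[0]
    event["scopes"] = params.get("scope", [""])[0].split()
    event["secrets_sent"] = [s for s in SECRETS if s in params]
    return event

class DecoyHandler(BaseHTTPRequestHandler):
    """No real client uses the decoy, so every request is logged as an alert."""

    def _handle(self):
        length = int(self.headers.get("Content-Length") or 0)
        body = self.rfile.read(length).decode("utf-8", "replace")
        event = describe_request(self.client_address[0], self.command,
                                 self.path, body)
        logging.warning("decoy-oauth %s", json.dumps(event))
        reply = b'{"error": "invalid_request"}'  # same answer for everything
        self.send_response(400)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(reply)))
        self.end_headers()
        self.wfile.write(reply)

    do_GET = do_POST = _handle

    def log_message(self, *args):  # replace the default access log
        pass

if __name__ == "__main__":
    # Assumed listening address; bind to the decoy's own interface in practice.
    HTTPServer(("127.0.0.1", 8080), DecoyHandler).serve_forever()
```

Forwarding the JSON records to the SIEM lets an analyst pivot on src_ip, client_id and redirect_uri across other telemetry.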