TokenSmith is a powerful tool designed to generate Entra ID access and refresh tokens, catering to offensive engagements such as adversary simulations, penetration testing, or even administrative tasks.
Built with operational security (OpSec) in mind, TokenSmith is compatible with popular Azure offensive tools and provides flexibility for various use cases.
--intune-bypass
flag.TokenSmith can be installed by building it from source or using pre-built binaries available in its release directory. To build from source:
git clone https://github.com/jumpseclabs/tokensmith.git
cd tokensmith
go get .
go build -o tokensmith main.go
For Windows, use GOOS=windows go build -o tokensmith.exe main.go
.
Authorization Code Flow
./tokensmith authcode
with optional flags for client ID, resource, or redirect URI.Intune Bypass
To bypass Intune Conditional Access, add the --intune-bypass
flag to the authcode
command.
Refresh Token Flow
Use an existing refresh token to obtain new tokens:
./tokensmith reftoken -r REFRESH_TOKEN [flags]
TokenSmith prioritizes OpSec by enabling flexible authentication methods without requiring risky binary execution on critical devices. Authentication can occur on a separate device, minimizing exposure.
Future updates aim to include:
TokenSmith is an indispensable tool for professionals seeking efficient Entra ID token management while maintaining robust OpSec practices.
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…