SBN

Authomize Open Sources MFA Bombing Training Tool

Security is a cat and mouse arms race. Multi-factor Authentication was supposed to stop the attackers in their tracks, but nature being what it is, has led to hackers finding creative ways around our additional layers of protection.

Attacks on Uber, Microsoft, and Cisco, just to name a few, have all utilized a tactic called MFA bombing to wear down their targets into submission with waves of MFA prompts, coercing them into approving their requests and allowing them to successfully complete their breach.

You can learn more about MFA bombing in our video here below.

While Microsoft is adding new features to help fight against MFA fatigue, security teams still need to engage with their workforce to build resilience against these attacks.

Thankfully, Authomize’s research team is here to help with a new open source training tool.

Check out our tool here:

https://github.com/authomize/mfa-bombing 

Who is it Good for?

Focusing on defending access to Okta, this tool provides value for both the Blue and Red teams.      

  1. Blue Team

    For the defense crew, use the tool to send prompts to all relevant users, raising awareness of the issue and testing their acumen.

    Some blue teams may decide to shift over to being purple and use it to try and elevate their privileges as part of the testing.

  2. Red Team

    If you have creds for a user, this will automate the continuous bombardment of a user with MFA push requests until they relent, giving you a session token to login with.

A Gentle Reminder to Play Nice

Our hope is that everyone will find this tool useful and we can play a part in making your team a little bit more aware and a lot safer. 

Our one suggestion/request is to use this tool conscientiously, utilizing it as an opportunity to educate and not to hit those who fall for the test with a big stick. 

Just like sending phishing emails can be useful for training, the goal should not be to alienate your workforce. 

At the end of the day, striking the right balance between running them through the paces while maintaining a good working relationship wherein they will still want to reach out to you when an issue arises is essential.

Have fun and let us know what you think of our tool by responding in the repo or to this post.

The post Authomize Open Sources MFA Bombing Training Tool appeared first on Authomize.

*** This is a Security Bloggers Network syndicated blog from Authomize authored by Gabriel Avner. Read the original post at: https://www.authomize.com/blog/authomize-open-sources-mfa-bombing-training-tool/

Avatar photo

Gabriel Avner

Gabriel is a former journalist who loves learning and writing about the cat and mouse game of security. These days he writes for WhiteSource about the issues impacting open source security and license management and training Brazilian Jiu-Jitsu.

gabriel-avner has 51 posts and counting.See all posts by gabriel-avner