When Apps Go Rogue.
This repository documents the observed TTPs associated with OIDC/OAuth 2.0 application attacks.
If you want to contribute to the RogueApps project, please review the Wiki Contribution Guide and open an Issue. Please follow the issue template and include details about the observed TTPs for the RogueApp.
⚠️ Please do not submit any sensitive, private, or proprietary information.
When a contribution is accepted into the repo, add the details of the contribution to the rogueapps.toml file located in data/. Each app is defined as an [[apps]] block with [[apps.permissions]] sub-tables. New entries must be merged into main to go live on the actual site.
This site is built with Zola, a fast static site generator written in Rust.
Install Zola: https://www.getzola.org/documentation/getting-started/installation/
Clone the repository and start the dev server:
zola serve
The dev server is now live at http://127.0.0.1:1111. Changes to templates, content, and static files are hot-reloaded.
zola build
Output is written to the public/ directory.
Clone the repo and then run the following from the root directory:
docker build -t rogueapps .
docker run -it -p 8080:8080 rogueapps