RogueApps

When Apps Go Rogue.

This repository documents observed the TTPs associated with OIDC/OAuth 2.0 application attacks.

Contributing

If you want to contribute to the RogueApps project, please review the Wiki Contribution Guide and open an Issue. Please follow the issue template and include details about the observed TTPs for the RogueApp.

⚠️ Please do not submit any sensitive, private, or proprietary information.

Adding Contributions

When a contribution is accepted into the repo, add the details of the contribution to the rogueapps.toml file located in data/. Each app is defined as an [[apps]] block with [[apps.permissions]] sub-tables. New entries must be merged into main to go live on the actual site.

Development Guide

This site is built with Zola, a fast static site generator written in Rust.

Prerequisites

Install Zola: https://www.getzola.org/documentation/getting-started/installation/

Dev Install

Clone the repository and start the dev server:

zola serve

The dev server is now live at http://127.0.0.1:1111. Changes to templates, content, and static files are hot-reloaded.

Building

zola build

Output is written to the public/ directory.

Docker Quickstart

Clone the repo and then run the following from the root directory:

docker build -t rogueapps .
docker run -it -p 8080:8080 rogueapps