Saved February 14, 2026
Do you care about this?
This article discusses TokenFlare, a serverless framework for simulating phishing attacks on Entra ID and M365. It allows users to configure OAuth flows, deploy either locally or to Cloudflare, and includes built-in operational security features. The setup requires Python and Node.js, and it emphasizes authorized testing only.
If you do, here's more
TokenFlare is a serverless phishing simulation framework designed for Entra ID and M365, built primarily in JavaScript. The core logic is compact, with about 530 lines of code, allowing for quick deployment and customization. It supports various OAuth flows and includes features for bypassing Intune Conditional Access. Users can easily adjust client branding, URL structures, and redirects through the interactive command-line tool.
Deployment options cater to both local and remote setups. For local deployment, users can obtain SSL certificates using Certbot. The framework is optimized for speed, enabling users to get a production-ready environment in minutes. Built-in operational security measures prevent bot and scraper interference, reducing the risk of campaigns being compromised shortly after launch.
The setup process begins with initializing the project for a specific domain and proceeds through configuring the campaign with an interactive wizard. Remote deployment requires a Cloudflare account with an API token. Credentials and session data are sent to a configured webhook, supporting integration with platforms like Slack and Discord. Local storage of credentials is not implemented due to the serverless nature of Cloudflare Workers, making a reliable webhook necessary for capturing data. The tool emphasizes authorized use only, explicitly warning against illegal testing or violating Cloudflare's terms of service.