Huu Phan | Blog Linux operating system | Linux operating system -Blog Huu Phan | www.huuphan.com

This Blog is protected by DMCA.com

huuphan.com. Powered by Blogger.

New reverse proxy tool Modlishka

You can Bypass Two-Factor Authentication and Automate Phishing Attacks by New Reverse Proxy Tool call Modlishka.
A Polish cybersecurity researcher has released a tool called Modlishka designed for pen testers
The tool will help the pentesters, but may also facilitating the APT Groups in phishing

Modlishka Feature:

  • Phishing tool that bypasses Gmail 2FA
  • Support for majority of 2FA authentication schemes
  • Support for majority of 2FA authentication schemes (by design).
  • No website templates (just point Modlishka to the target domain - in most cases, it will be handled automatically).
  • Full control of "cross" origin TLS traffic flow from your victims browsers (through custom new techniques).
  • Flexible and easily configurable phishing scenarios through configuration options.
  • Pattern based JavaScript payload injection.
  • Striping website from all encryption and security headers (back to 90's MITM style).
  • User credential harvesting (with context based on URL parameter passed identifiers).
  • Can be extended with your ideas through plugins.
  • Stateless design. Can be scaled up easily for an arbitrary number of users - ex. through a DNS load balancer.
  • Web panel with a summary of collected credentials and user session impersonation (beta).
  • Written in Go.

Modlishka Github: https://bit.ly/2RxKEGw
Source: https://ibm.co/2AQRsF2

post new :

Huu Phan | Blog Linux operating system | Huu Phan ~ Zimbra Mail Server,linux,bash script,centos,linux command | www.huuphan.com