New reverse proxy tool Modlishka
You can Bypass Two-Factor Authentication and Automate Phishing Attacks by New Reverse Proxy Tool call Modlishka. A Polish cybersecurity researcher has released a tool called Modlishka designed for pen testers The tool will help the pentesters, but may also facilitating the APT Groups in phishing Modlishka Feature: Phishing tool that bypasses Gmail 2FA Support for majority of 2FA authentication schemes Support for majority of 2FA authentication schemes (by design). No website templates (just point Modlishka to the target domain - in most cases, it will be handled automatically). Full control of "cross" origin TLS traffic flow from your victims browsers (through custom new techniques). Flexible and easily configurable phishing scenarios through configuration options. Pattern based JavaScript payload injection. Striping website from all encryption and security headers (back to 90's MITM style). User credential harvesting (with context based on URL parameter passe