Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively take over accounts, bypassing the need for credentials or even MFA authorization. This discovery led me to consider the possibility of executing such an attack remotely by proxying HTTP traffic between … More
The post Evilginx: Open-source man-in-the-middle attack framework appeared first on Help Net Security.