19 мин.
Phishing 2FA Tokens with CredSniper - Tradecraft Security Weekly #25 Tradecraft Security Weekly (Video)
-
- Технологии
Organizations are implementing two-factor on more and more web services. The traditional methods for phishing credentials is no longer good enough to gain access to user accounts if 2FA is setup. In this episode Mike Felch (@ustayready) and Beau Bullock (@dafthack) demonstrate a tool that Mike wrote called CredSniper that assists in cloning portals for harvesting two-factor tokens.
Links: https://github.com/ustayready/CredSniper
Organizations are implementing two-factor on more and more web services. The traditional methods for phishing credentials is no longer good enough to gain access to user accounts if 2FA is setup. In this episode Mike Felch (@ustayready) and Beau Bullock (@dafthack) demonstrate a tool that Mike wrote called CredSniper that assists in cloning portals for harvesting two-factor tokens.
Links: https://github.com/ustayready/CredSniper
19 мин.