Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Phishing Mastery: Hacking Multi-Factor Authentication Course
Introduction and Course Overview
Course Introduction and Welcome (3:30)
Important Legal and Ethical Disclaimer
Defining what a Hacker is in Modern Times (0:49)
A Brief History of Cyber Attacks (0:57)
Section summary
Phishing, User Security, Passwords and MFA Fundamentals
The Evolution of Online Security, Passwords and Authentication (4:43)
Case Study – The LinkedIn Phishing Attack (4:14)
Deep Dive Analysis of Multi-Factor Authentication
Online Security 101: Passwords, 2FA Authentication, and Modern Attacking Tools (4:10)
A Deep-Dive into MITM (Man-in-the-Middle) Phishing Attacks with Evilginx4 (9:58)
Modern Amazon Phishing Attack - Demo (2:06)
Section summary
Introduction to Evilginx
Introduction to Evilginx3 and Unveiling Its Beginnings with Creator Kuba Gretzky (4:30)
Evilginx and EvilProxy Context Resource - Popular Cyber Attacks
Evilginx Compared to Other Phishing Tool Kits Explained
Rencora Phishlet Example Resource
Section summary
Setting Up Your Environment
Infrastructure Setup (9:00)
Connecting our Domain to Evilginx VPS Server (2:28)
Session Tokens, Authentication Keys and Cookies Explained
What are Session Tokens, Authentication Keys and Cookies?
Introduction to Stealing Cookies (3:51)
Section summary
Setting Up and Deploying Evilginx3
Setting Up and Connecting Your Domain to the Evilginx VPS Server (2:28)
Installing Evilginx3 on DigitalOcean VPS (10:05)
Staging Our First Engagement with Evilginx3
Introducing Evilginx3 Phishlets (8:30)
Setting Up our First Engagement with Evilginx3 and Creating First Phishlet File (7:01)
Configure Domain and Generating Phishing Lure (4:12)
How to Use Evilginx3 to Bypass Modern Multi-Factor Authentication (4:00)
Catching Phish with Evilginx3 (Full Walkthrough) (10:07)
Catching More Phish with Evilginx3 (Walkthrough #2) (3:24)
Section Wrap-Up
Section summary
Best Practices for Post Engagements
Reviewing the Attack Engagement
Post-Engagement Best Practices (5:01)
Covering Your Tracks - Post-Engagement Cleanup (Domain, Settings, etc.) (3:34)
Section summary
Defensive Section: Protecting Against Evilginx & Similar Cyber Attacks
Essential Cybersecurity Defensive Checklist (7:07)
Closing Evilginx & Ending the Attack Simulation (2:04)
Safeguarding and Protecting 3rd Party Applications (0:47)
Effective Strategies for Strengthening Cybersecurity Defenses Moving Forward (1:11)
Course Wrap-up, Review, and Final Assessment
Course Conclusion (1:54)
Future Courses and Lessons
Section summary
(LIVE DEMO) Using EvilGoPhish, Evilginx3 & Modlishka on Github's Demo Phishing Protocol and Enterprise Checklist Review
Bypassing Github Authentication with EvilGoPhish, Evilginx3 & Modlishka (Spear Phishing Demonstration #3) (5:02)
Security Campaign Management Client Review Checklist
Teach online with
Introduction to Evilginx3 and Unveiling Its Beginnings with Creator Kuba Gretzky
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock