Introduction and Course Overview
Phishing, User Security, Passwords and MFA Fundamentals
-
The Evolution of Online Security, Passwords and Authentication (4:43)
-
Case Study – The LinkedIn Phishing Attack (4:14)
-
Deep Dive Analysis of Multi-Factor Authentication
-
Online Security 101: Passwords, 2FA Authentication, and Modern Attacking Tools (4:10)
-
A Deep-Dive into MITM (Man-in-the-Middle) Phishing Attacks with Evilginx4 (9:58)
-
Modern Amazon Phishing Attack - Demo (2:06)
-
Section summary
Introduction to Evilginx
Setting Up Your Environment
Session Tokens, Authentication Keys and Cookies Explained
Setting Up and Deploying Evilginx3
Staging Our First Engagement with Evilginx3
-
Introducing Evilginx3 Phishlets (8:30)
-
Setting Up our First Engagement with Evilginx3 and Creating First Phishlet File (7:01)
-
Configure Domain and Generating Phishing Lure (4:12)
-
How to Use Evilginx3 to Bypass Modern Multi-Factor Authentication (4:00)
-
Catching Phish with Evilginx3 (Full Walkthrough) (10:07)
-
Catching More Phish with Evilginx3 (Walkthrough #2) (3:24)
-
Section Wrap-Up
-
Section summary
Best Practices for Post Engagements
Defensive Section: Protecting Against Evilginx & Similar Cyber Attacks
Course Wrap-up, Review, and Final Assessment
(LIVE DEMO) Using EvilGoPhish, Evilginx3 & Modlishka on Github's Demo Phishing Protocol and Enterprise Checklist Review
