Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Phishing Mastery: Hacking Multi-Factor Authentication Course
Introduction and Course Overview
Course Introduction and Welcome (3:30)
Important Legal and Ethical Disclaimer
Defining what a Hacker is in Modern Times (0:49)
A Brief History of Cyber Attacks (0:57)
Section summary
Phishing, User Security, Passwords and MFA Fundamentals
The Evolution of Online Security, Passwords and Authentication (4:43)
Case Study – The LinkedIn Phishing Attack (4:14)
Deep Dive Analysis of Multi-Factor Authentication
Online Security 101: Passwords, 2FA Authentication, and Modern Attacking Tools (4:10)
A Deep-Dive into MITM (Man-in-the-Middle) Phishing Attacks with Evilginx4 (9:58)
Modern Amazon Phishing Attack - Demo (2:06)
Section summary
Introduction to Evilginx
Introduction to Evilginx3 and Unveiling Its Beginnings with Creator Kuba Gretzky (4:30)
Evilginx and EvilProxy Context Resource - Popular Cyber Attacks
Evilginx Compared to Other Phishing Tool Kits Explained
Rencora Phishlet Example Resource
Section summary
Setting Up Your Environment
Infrastructure Setup (9:00)
Connecting our Domain to Evilginx VPS Server (2:28)
Session Tokens, Authentication Keys and Cookies Explained
What are Session Tokens, Authentication Keys and Cookies?
Introduction to Stealing Cookies (3:51)
Section summary
Setting Up and Deploying Evilginx3
Setting Up and Connecting Your Domain to the Evilginx VPS Server (2:28)
Installing Evilginx3 on DigitalOcean VPS (10:05)
Staging Our First Engagement with Evilginx3
Introducing Evilginx3 Phishlets (8:30)
Setting Up our First Engagement with Evilginx3 and Creating First Phishlet File (7:01)
Configure Domain and Generating Phishing Lure (4:12)
How to Use Evilginx3 to Bypass Modern Multi-Factor Authentication (4:00)
Catching Phish with Evilginx3 (Full Walkthrough) (10:07)
Catching More Phish with Evilginx3 (Walkthrough #2) (3:24)
Section Wrap-Up
Section summary
Best Practices for Post Engagements
Reviewing the Attack Engagement
Post-Engagement Best Practices (5:01)
Covering Your Tracks - Post-Engagement Cleanup (Domain, Settings, etc.) (3:34)
Section summary
Defensive Section: Protecting Against Evilginx & Similar Cyber Attacks
Essential Cybersecurity Defensive Checklist (7:07)
Closing Evilginx & Ending the Attack Simulation (2:04)
Safeguarding and Protecting 3rd Party Applications (0:47)
Effective Strategies for Strengthening Cybersecurity Defenses Moving Forward (1:11)
Course Wrap-up, Review, and Final Assessment
Course Conclusion (1:54)
Future Courses and Lessons
Section summary
(LIVE DEMO) Using EvilGoPhish, Evilginx3 & Modlishka on Github's Demo Phishing Protocol and Enterprise Checklist Review
Bypassing Github Authentication with EvilGoPhish, Evilginx3 & Modlishka (Spear Phishing Demonstration #3) (5:02)
Security Campaign Management Client Review Checklist
Teach online with
Section summary
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock