Evilginx2 is a man-in-the-middle framework that can be utilized to intercept credentials including two-factor methods victims utilize when logging in to a web application. Instead of just duplicating the target web application it proxies traffic to it making the experience seamless to the victim. In this episode Ralph May (@ralphte1) joins Beau Bullock to demo Evilginx2.

LINKS:
https://github.com/kgretzky/evilginx2
https://breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/