Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked Modlishka v.1.1.0 Evolved Released

itsMe

By MASTERitsMe
in Programs

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please


This is the hidden content, please

Introduction

Modlishka is a very powerful Reverse Proxy tool that allows you to run phishing campaigns. It can be very useful to all pentesters since Modlishka is able to show current 2FA weaknesses (bypass 2FA protection on popular websites: Gmail, Yahoo, etc.) and help you find and implement adequate security solutions.

Disclaimer: This tool is made only for educational purposes and can be only used in legitimate penetration tests. Author does not take any responsibility for any actions taken by its users.
Modlishka: Powerful Reverse Proxy, Phishing NG, Bypassing 2FA

Modlishka is written in Go and it allows you to carry out an effective phishing campaign. In addition, according to the official docu, you can adjust the configuration for your chosen domain. This reverse proxy tool can be easily customized through a set of available command line options or JSON configuration files.

Modlishka tool is able to trick 2FA systems by collectiing 2FA tokens, without using fake templates (you just need to point to the target domain). To start pentesting/ phishing with Modlishka, all you need is TLS certificate and phishing domain.

Modlishka v.1.1.0 Evolved Released!

This release contains many bug fixes, improvements and redesign in comparison to the previous version.

Among the most interesting features in this release you will find:

  •     practical implementation of the \u201eClient Domain Hooking\u201d attack.
  •    
    This is the hidden content, please
  •     improved transparent proxying for both HTTP/HTTPS/mixed traffic
  •     HTTP TLS stripping
  •     HTTP TLS website wrapper (in case you need to secure your website).

From the usage perspective it is important to take into account that Modlishka will listen on both 80(HTTP) and 443(HTTPS) ports by default from now on. Parametr names have also changed (please consult the help output for details). Updated WIKI will follow shortly.

 

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.