Phishing NG. Bypassing 2FA with Modlishka:
GitHub repo: https://github.com/drk1wi/Modlishka
– penetration testing tool can automate phishing attacks, and can even lever out two-factor authentication (2FA)
– if attackers collect 2FA tokens in real-time, they can establish legitimate sessions
– attackers only need a domain name and valid TLS certificate to use the tool
mastodon.at is a microblogging site that federates with most instances on the Fediverse.