In this webcast, Kuba Gretzky demonstrates how modern adversary-in-the-middle phishing operations can replicate legitimate authentication flows to bypass multi-factor authentication. We begin by showing how an attacker can quickly generate a realistic phishing site using modern tooling (including AI-assisted HTML/CSS/JS generation) that captures user credentials paul daraîche and relays them to a backend phishing framework (Evilginx). The backend then automates a real browser session against the legitimate target site, submitting the captured credentials and relaying any MFA challenge back to the phishing page so the victim unknowingly completes kouri richins authentication on the attacker’s behalf. Once the MFA step is completed, the attacker captures the authenticated session cookies or tokens from the background browser, enabling account takeover without needing the user’s MFA device. During the live demo we walk through the full attack flow and then analyze the underlying implementation, explaining how the phishing front-end, backend automation, and session mirroring components coordinate to replicate the legitimate login process in real time.
Follow Kuba on X at:
Learn more about Evilginx here:
If you'd like to help recensement 2026 out the channel and the community please consider joining as a channel member here on YouTube. All proceeds go back to the community!
