Skill UI

A comprehensive guide to detecting and mitigating advanced Adversary-in-the-Middle (AiTM) phishing attacks, which bypass Multi-Factor Authentication (MFA) using reverse proxies (e.g., Evilginx, EvilProxy). Learn defensive strategies including implementing FIDO2, configuring Conditional Access policies, and monitoring session hijacking indicators in SIEM/Web Proxies.

EvilGinx3 is an advanced Adversary-in-the-Middle (AiTM) framework designed for red teaming simulations. It goes beyond traditional credential harvesting by acting as a transparent proxy to intercept the entire authentication flow, including session cookies and Multi-Factor Authentication (MFA) tokens. This capability allows security professionals to assess the robustness of an organization's security posture against sophisticated account takeover attacks.

A comprehensive guide for detecting and mitigating OAuth token theft and replay attacks in cloud environments, specifically focusing on Microsoft Entra ID (Azure AD). This covers advanced threats like Primary Refresh Token (PRT) abuse, pass-the-cookie attacks, and Adversary-in-the-Middle (AitM) phishing. Use it for investigating anomalous sign-in behavior, configuring risk-based conditional access policies, and enforcing token protection to secure cloud identities.