Bypassing multi-factor authentication was once considered more of a proof of concept than a real threat. In this video, we’ll go over four common techniques an attacker will use to hack multi-factor and two-factor authentication. We’ll go over Evilgenix2, which is a popular framework for stealing authentication cookies, and other methods an attacker can use to bypass the authentication process.

1:06 Evilgenix2 Frame
2:51 Defense and Protection Evilgenix
3:45 Pass the cookie
5:10 Skip Cookie Defense and Protection
5:56 SMS Middle Man
6:34 SIM card swap
8:13 Attack on Soft and Hard tokens
9:22 Hard Token Example

Resources/Links
-Evilgenix GitHub: https://github.com/kgretzky/evilginx2
-Example of Pass the Cookie: https://stealthbits.com/blog/bypassing-mfa-with-pass-the-cookie/
– SMS 0-day Android: https://stealthbits.com/blog/bypassing-mfa-with-pass-the-cookie/

Please feel free to connect and share this video with your friends and family if you find it useful.