John Tuyen

Adventures of Functional Mediocrity

03 Jun 24

Tracking AitM Campaigns

A summary of 6 Months Tracking AitM Campaigns and how phishing toolkits are evolving with AitM

I wonder if my phishing infrastructure was part of this data collection 😅. I've been testing and ramping up usage of Evilginx for my own engagements, and it works surprisingly well, especially when combined with post-exploitation toolkits like ROADtools, TokenTactics, and AzureHound. Based on the attack paths and techniques I'm seeing in the environment today, I can envision more automation features coming in future releases using Selenium or Puppeteer. I mean, what is stopping me from doing this using Python scripting, amirite?