CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords.
Features
It relies on [CredentialPicker] to collect user passwords, [Resolve-DnsName] for DNS exfiltration, and Windows Defender's [ConfigSecurityPolicy.exe] to perform arbitrary GET requests.
AIM
CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords.
Features
It relies on [CredentialPicker] to collect user passwords, [Resolve-DnsName] for DNS exfiltration, and Windows Defender's [ConfigSecurityPolicy.exe] to perform arbitrary GET requests.
Checklist