Open dumblob opened 3 years ago
I think we are safe from some of this, but I am definitely going to test it out :)
@dumblob Any chance you could do a quick test?
No time now to set up a current Cypht version. But let us fill the following table first:
particular visual spoofing | permalink to source code line(s) dealing with it |
---|---|
URLs in email bodies (both in plain text and HTML) | MISSING |
attachment names | MISSING |
email addresses "everywhere" (in email headers, bodies, etc.) | MISSING |
RTL/LTR domains | MISSING |
@dumblob
Please retest, as a lot has changed since you reported this issue. Notably, we now have 3 active branches and recently released Cypht 2.0.0
🗣 Suggestion
Current severe issues making it impossible to visually detect there is something wrong with the contents you're dealing with:
https://www.virtuesecurity.com/pentesting-user-interfaces/
Note, I didn't test this in Cypht, but I think there could be some more countermeasures implemented :wink:.