Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
cert for metric.cloud.domain.com.nz - wildcard, .cloud.domain.com.nz
i have wildcard too .evil.biz
but got error: hostname unsupported: metric.cloud.evil.biz
{phish_sub: 'metric', orig_sub: 'metric', domain: 'cloud.domain.com.nz', session: true, is_landing: false} - not work
{phish_sub: 'metric', orig_sub: '', domain: 'metric.cloud.domain.com.nz', session: true, is_landing: false} - not work
{phish_sub: 'metric.cloud', orig_sub: 'metric.cloud', domain: 'domain.com.nz', session: true, is_landing: false} - not work
DO NOT ASK FOR PHISHLETS.
DO NOT ASK FOR HELP CREATING PHISHLETS.
DO NOT ASK TO FIX PHISHLETS.
DO NOT ADVERTISE OR TRY TO SELL PHISHLETS.
EXPECT A BAN OTHERWISE. THANK YOU!
REPORT ONLY BUGS OR FEATURE SUGGESTIONS.
orig domain: domain.com.nz (example) phis domain: evil.biz
I cant proxy metric.cloud.domain.com.nz
cert for metric.cloud.domain.com.nz - wildcard, .cloud.domain.com.nz i have wildcard too .evil.biz but got error: hostname unsupported: metric.cloud.evil.biz