all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Evil QR - Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice

Add to bookmarks
Aug. 23, 2023, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing.

It consists of a browser extension used by the attacker to extract the sign-in QR code and a server application, which retrieves the sign-in QR codes to display them on the hosted phishing pages.

Watch the demo video:

Read more about it on my blog: https://breakdev.org/evilqr-phishing


Configuration

The parameters used by Evil QR are hardcoded into extension and server source code, …

evilqr phishing attacks qr codes qrljacking rest api

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs 21 hours ago | www.kitploit.com
cyber security dfir automation digital forensic masterparser +1
C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The … 1 day, 21 hours ago | www.kitploit.com
c2-cloud command & control hacking tool offensive security +4
OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log … 2 days, 21 hours ago | www.kitploit.com
attack detection lfi detection oste-web-log-analyzer rfi detection +1
ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities 3 days, 21 hours ago | www.kitploit.com
ntlm post-exploitation powershell python +7
Galah - An LLM-powered Web Honeypot Using The OpenAI API 4 days, 21 hours ago | www.kitploit.com
galah golang llm openai api +3
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 5 days, 21 hours ago | www.kitploit.com
amsi antivirus crimsonedr dll +5
Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs 6 days, 16 hours ago | www.kitploit.com
bugbountyautomation bugbounty tools httpx infosys +2
CSAF - Cyber Security Awareness Framework 1 week ago | www.kitploit.com
csaf cybersecurity awareness linux socks5 +2
Espionage - A Linux Packet Sniffing Suite For Automated MiTM Attacks 1 week, 1 day ago | www.kitploit.com
arp-spoofing cybersecurity networking packet capture +5

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Engineer

@ Elsevier | Home based-Georgia
View on infosec-jobs.com

Infrastructure Compliance Engineer

@ NVIDIA | US, CA, Santa Clara
View on infosec-jobs.com

Information Systems Security Engineer (ISSE) / Cybersecurity SME

@ Green Cell Consulting | Twentynine Palms, CA, United States
View on infosec-jobs.com

Sales Security Analyst

@ Everbridge | Bengaluru
View on infosec-jobs.com

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Third Party Cyber Risk Analyst

@ Chubb | Philippines
View on infosec-jobs.com
View more jobs