all InfoSec news
Evil QR - Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice
Aug. 23, 2023, 12:30 p.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing.
It consists of a browser extension used by the attacker to extract the sign-in QR code and a server application, which retrieves the sign-in QR codes to display them on the hosted phishing pages.
Watch the demo video:
Read more about it on my blog: https://breakdev.org/evilqr-phishing
Configuration
The parameters used by Evil QR are hardcoded into extension and server source code, …
More from www.kitploit.com / KitPloit - PenTest Tools!
Jobs in InfoSec / Cybersecurity
Principal Security Engineer
@ Elsevier | Home based-Georgia
Infrastructure Compliance Engineer
@ NVIDIA | US, CA, Santa Clara
Information Systems Security Engineer (ISSE) / Cybersecurity SME
@ Green Cell Consulting | Twentynine Palms, CA, United States
Sales Security Analyst
@ Everbridge | Bengaluru
Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France
@ Sopra Steria | Courbevoie, France
Third Party Cyber Risk Analyst
@ Chubb | Philippines