Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication protection. EvilApp brings as an example the hijacking and injection of cookies for authenticated Instagram sessions.
Also Read – DiscordRAT : Discord Remote Administration Tool Fully Written In Python
- Android Studio
Tested on Kali Linux 2020.1 x64
# git clone https://github.com/thelinuxchoice/EvilApp
# cd EvilApp
# bash evilapp.sh