No Hardening macOS this week. Got distracted.

Starkiller is a new phishing kit that proxies REAL login pages in real-time. It steals credentials, MFA tokens and session cookies — and MFA won't save you.

I wrote a full technical analysis: how AitM works, why traditional defences fail, and what to actually do about it.

Also released ja3-probe, a Rust PoC for TLS fingerprinting of phishing proxies.

→ Post: https://bytearchitect.io/network-security/Starkiller-Phishing-Kit-Why-MFA-Fails-Against-Real-Time-Reverse-Proxies/?ref=mastodon
→ PoC: https://github.com/gb-at-r3/ja3Probe

#infosec #phishing #AitM #MFA #TLS #security #rust