From zdnet.com
![phishing-page.png](https://zdnet2.cbsistatic.com/hub/i/2019/01/09/ee516abe-6c6d-4e7f-97b1-24d5cd2d3406/bdd3c1dd4b6b3ad05eeea84e202089ae/phishing-page.png)
A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA).
Named Modlishka –the English pronunciation of the Polish word for mantis– this new tool was created by Polish researcher Piotr Duszyński.
Modlishka is what IT professionals call a reverse proxy, but modified for handling traffic meant for login pages and phishing operations.