Forum Thread: How to Harvest Credentials Through HTTPS Instead of HTTP with SEtools? (To Avoid Browser Warnings)

Since 2017, browsers show a warning like "This connection is not secure" when entering credentials in a non-HTTPS page. This makes the attack ineffective.

I tried port forwarding my server to port 443, without luck. It did not connect at all.

Port 80 works just fine, but like I said, it leads to the security warnings in the browser that make the attack ineffective.

How can one harvest credentials through HTTPS?

Our Best Hacking & Security Guides

New Null Byte posts — delivered straight to your inbox.

Be the First to Respond

Share Your Thoughts

  • Hot
  • Active