This guide is to help with the setup of gophish to track clicks, and Evilginx2 to capture tokens and creds for O365 logins. This will work even if MFA is enabled on the target accounts. DISCLAIMER: This is for research purposes only, or for security folks with written approval to do phishing exercises. Please do […]