https://medium.com/@psychsecurity/mfa-phishing-using-novnc-and-aws-ebc781b4d093
https://mrd0x.com/browser-in-the-browser-phishing-attack/
https://github.com/kgretzky/evilginx2
https://webauthn.io
https://developer.apple.com/passkeys/
https://www.bleepingcomputer.com/news/security/evilproxy-phishing-campaign-targets-120-000-microsoft-365-users/