STARWEST 2026 - Resiliency Testing
Thursday, September 24
Testing for the Untestable: Validating App Resilience Against AiTM and Session Hijacking
Thursday, September 24, 2026 - 9:45am to 10:45am
As QA and DevOps teams, you rigorously test your login flows, Multi-Factor Authentication (MFA) integrations, and session timeouts. But how do you test for an attack that doesn't break the code but instead mirrors the entire environment? Enter Adversary-in-the-Middle (AiTM) attacks—a sophisticated phishing method using reverse-proxy toolkits (like Evilginx) that bypass MFA by stealing live session tokens. In this session, Yaamini will move beyond standard functional testing to look at the technical reality of modern session-based threats. She will demonstrate how these "zero-hour" attacks operate...