**Live workshop on Tuesday, July 15th at 10pm EST**In this workshop, we'll dive into real-world offensive security techniques used by threat actors - and how defenders can spot and stop them. You'll see a live demonstration of Evilginx, a powerful man-in-the-middle phishing framework used to steal session tokens and bypass MFA. We'll start with WordPress enumeration, covering how attackers gather intel from users, pages, and employees to craft convincing phishing lures. Then, we’ll move into session hijacking with Evilginx, showing how a legitimate login can be invisibly intercepted and weaponized—no passwords required.