Advanced AiTM Technology — Beyond Reverse Proxy

The World's Only AiTM Phishing Platform

BlackPhish uses real browser rendering to proxy any login page — Microsoft 365, Google Workspace, Instagram, Twitter, and more. Simulate advanced attacks including 2FA bypass to truly test your organization's defenses.


Works with any login page — no templates needed

Core Technology

Advanced AiTM Technology

The world's first phishing simulation platform with built-in AiTM. Not a simple reverse proxy — BlackPhish uses real headless browser rendering to display actual login pages. No URL rewriting, no proxy artifacts, no phishlets needed.

1. Target clicks the link

A convincing phishing email leads the target to your simulation URL.

2. Real login page renders

Our server-side browser (Puppeteer) opens the actual login page and streams it pixel-perfect to the target.

3. Credentials & 2FA captured

Every keystroke, every 2FA code, every session token — captured in real-time as the target interacts with the page.

4. Full session hijack simulation

Session cookies are captured, demonstrating how attackers bypass even the strongest 2FA protections.
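One caveat a defender will want next to the "strongest 2FA" claim above: a session relayed through a proxy on another domain is exactly the case that origin-bound authenticators (FIDO2/WebAuthn security keys and passkeys) are designed to refuse. The browser, not the page, writes the origin the user is actually on into the signed clientDataJSON, and the relying party rejects any origin it did not register. The following is an added example of that relying-party check, written for this page and not part of BlackPhish or any WebAuthn library; the domains, challenge value and both clientDataJSON blobs are constructed placeholders.

```python
import json
from dataclasses import dataclass
from urllib.parse import urlsplit

# Relying party configuration (constructed placeholder values)
RP_ID = "example.com"
CHALLENGE = "c29tZS1yYW5kb20tY2hhbGxlbmdl"  # server-issued, single use

# clientDataJSON as the browser produces it on the genuine site (constructed)
LEGIT_CLIENT_DATA = json.dumps({
    "type": "webauthn.get",
    "challenge": CHALLENGE,
    "origin": "https://login.example.com",
}).encode()

# clientDataJSON as the browser produces it when the user is really on a
# proxy domain: the browser fills in the proxy's origin, the authenticator
# signs over it, and the proxy cannot rewrite it without breaking the
# signature (constructed placeholder domain)
PROXIED_CLIENT_DATA = json.dumps({
    "type": "webauthn.get",
    "challenge": CHALLENGE,
    "origin": "https://login-example-com.phish.test",
}).encode()


@dataclass
class ClientData:
    type: str
    challenge: str
    origin: str


def parse_client_data(client_data_json: bytes) -> ClientData:
    """Decode the clientDataJSON fields the relying party must validate."""
    obj = json.loads(client_data_json.decode("utf-8"))
    return ClientData(type=obj["type"], challenge=obj["challenge"], origin=obj["origin"])


def origin_is_valid(origin: str, rp_id: str) -> bool:
    """WebAuthn origin binding: https only, host equal to or a subdomain of the RP ID."""
    parts = urlsplit(origin)
    if parts.scheme != "https" or not parts.hostname:
        return False
    host = parts.hostname.lower()
    return host == rp_id or host.endswith("." + rp_id)


def verify_assertion_client_data(client_data_json: bytes, expected_challenge: str,
                                 rp_id: str) -> tuple:
    """Return (accepted, reason) for the clientDataJSON half of an assertion check.

    Signature verification over hash(clientDataJSON) is a separate step and is
    what stops a proxy from simply editing the origin field.
    """
    cd = parse_client_data(client_data_json)
    if cd.type != "webauthn.get":
        return False, "unexpected ceremony type"
    if cd.challenge != expected_challenge:
        return False, "challenge mismatch"
    if not origin_is_valid(cd.origin, rp_id):
        return False, f"origin {cd.origin} not bound to RP {rp_id}"
    return True, "ok"


if __name__ == "__main__":
    print(verify_assertion_client_data(LEGIT_CLIENT_DATA, CHALLENGE, RP_ID))
    print(verify_assertion_client_data(PROXIED_CLIENT_DATA, CHALLENGE, RP_ID))
```

The relayed assertion fails on the origin check even though the challenge and credential are genuine, which is why the 2FA methods listed on this page (SMS codes, authenticator-app codes, push approvals) are the ones a session-relay simulation captures, while origin-bound authenticators are not. A simulation that reports "2FA bypassed" is therefore also a measure of how many accounts still rely on relayable factors.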

Architecture diagram: Target Employee (sees the real login page) <- proxied via WebSocket -> BlackPhish AiTM Server (Puppeteer headless browser + capture engine) <- real HTTPS connection -> Real login pages (Microsoft, Google, Instagram, Twitter...)

2FA Bypass Simulation

Test if your team falls for the most advanced attacks. Capture SMS codes, authenticator tokens, and session cookies in real-time.

Undetectable Pages

No static clones that look outdated. The real page renders through our server — every button, every pixel, every dynamic element.

Any Login Page

Microsoft 365, Google Workspace, Instagram, Twitter, LinkedIn, Facebook — or any custom web application. No templates needed.

Why Advanced AiTM beats simple reverse proxy

BlackPhish Advanced AiTM
  • Real browser rendering — pixel-perfect pages
  • No URL rewriting artifacts or broken resources
  • Works with JavaScript-heavy SPAs (React, Angular)
  • Handles dynamic content, CAPTCHAs, and redirects
  • Undetectable by anti-phishing browser extensions
  • Full session capture including cookies & tokens
Traditional Reverse Proxy
  • URL rewriting often breaks page elements
  • Proxy artifacts detectable by security tools
  • Breaks on complex JavaScript applications
  • CAPTCHAs and anti-bot measures block proxy
  • Easily flagged by browser phishing protection
  • Requires per-site configuration (phishlets)

Works With Every Platform

AiTM technology works with any web-based login page. Here are some of the most commonly tested platforms.

  • Microsoft 365 + Azure AD
  • Google Workspace
  • Instagram + Threads
  • X / Twitter (all features)
  • LinkedIn (Professional)
  • Facebook + Meta

AiTM works with any web-based login page — including custom enterprise applications, VPNs, and portals.

Complete Phishing Simulation Platform

Beyond AiTM — everything you need to run professional security awareness campaigns.

Campaign Management

Create, schedule, and monitor campaigns with advanced targeting, A/B testing, and domain rotation.

Email Templates

Rich HTML editor with dynamic variables, attachments, and a growing template library.

Real-time Analytics

Live dashboards, click tracking, credential capture rates, and exportable reports.

Team Workspaces

Multi-tenant workspaces with role-based access control for red teams of any size.

SMTP & Sender Profiles

Bring your own SMTP, use domain rotation, and manage multiple sender identities.

Enterprise Security

2FA, SSO, audit logs, session management, and comprehensive access controls.

Simple, transparent pricing

Start free, scale as you grow. AiTM included in all paid plans.

Free — $0 /month (get started)
  • 1 campaign
  • 10 emails/month
  • Basic templates
  • Basic analytics

Starter — $49 /month (small teams)
  • 10 campaigns
  • 1,000 emails/month
  • 3 team members
  • AiTM included

Pro — $149 /month (growing teams, most popular)
  • 100 campaigns
  • 10,000 emails/month
  • 10 team members
  • AiTM + 2FA capture
  • Domain rotation

Enterprise — custom pricing (large orgs, contact sales)
  • Unlimited everything
  • Full AiTM suite
  • SSO & SCIM
  • Dedicated infra
  • Priority support

Frequently Asked Questions

What is AiTM phishing and how does it work?

AiTM (Adversary-in-the-Middle) uses a real headless browser on our server to open the actual target login page. The page is streamed pixel-perfect to the victim via WebSocket. Every interaction — keystrokes, clicks, 2FA codes — passes through our server, allowing complete capture of credentials and session tokens.

Can AiTM bypass two-factor authentication?

Yes. Since the real login page is being proxied, when the target enters their 2FA code (SMS, authenticator app, push notification), it goes through our server to the real service. This means we capture not just the credentials but the entire authenticated session, including session cookies — effectively bypassing 2FA.

Which login pages does AiTM support?

AiTM works with any web-based login page including Microsoft 365, Google Workspace, Instagram, Twitter/X, LinkedIn, Facebook, and any custom enterprise application. Since it renders the real page, no pre-built templates are needed.

Is this legal to use?

BlackPhish is designed exclusively for authorized security testing and red team engagements. Users must have written authorization from the target organization before running any simulations. Unauthorized use is strictly prohibited and may violate applicable laws.

Ready to test your defenses?

Deploy the most advanced phishing simulations available. See how your team handles real-world AiTM attacks.