Cobalt Strike: “Browser Pivoting (Get past two-factor auth)”
This is a very cool post-exploitation technique that can be used to hijack the credentials of the user to hijack their sessions remotely for any website. Think GMail, Facebook, your company’s internal intranet websites, etc.
This method even bypasses 2 factor authentication. The real power of this attack is that while the user is in their session on the website in question (GMail, Yahoo, your internal sites, etc), the attacker can use that session and browse different areas of those websites without you knowing or necessarily affecting your session.