{"id":20493851,"url":"https://github.com/qeeqbox/two-factor-authentication-sim-swapping","last_synced_at":"2026-03-10T05:31:03.801Z","repository":{"id":45827568,"uuid":"483806852","full_name":"qeeqbox/two-factor-authentication-sim-swapping","owner":"qeeqbox","description":"An adversary may utilize a sim swapping attack for defeating 2fa authentication","archived":false,"fork":false,"pushed_at":"2024-01-29T01:13:59.000Z","size":689,"stargazers_count":14,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-05T17:51:52.129Z","etag":null,"topics":["2fa","example","infosecsimplified","metadata","qeeqbox","sim","swapping","visualization","vulnerability"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/qeeqbox.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-20T20:40:46.000Z","updated_at":"2025-01-27T14:36:54.000Z","dependencies_parsed_at":"2024-01-29T02:41:46.304Z","dependency_job_id":"b0498bcb-6e96-456a-ae23-e714615d05c8","html_url":"https://github.com/qeeqbox/two-factor-authentication-sim-swapping","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/qeeqbox/two-factor-authentication-sim-swapping","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qeeqbox%2Ftwo-factor-authentication-sim-swapping","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qeeqbox%2Ftwo-factor-authentication-sim-swapping/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qeeqbox%2Ftwo-factor-authentication-sim-swapping/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qeeqbox%2Ftwo-factor-authentication-sim-swapping/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/qeeqbox","download_url":"https://codeload.github.com/qeeqbox/two-factor-authentication-sim-swapping/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qeeqbox%2Ftwo-factor-authentication-sim-swapping/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30326056,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T05:25:20.737Z","status":"ssl_error","status_checked_at":"2026-03-10T05:25:17.430Z","response_time":106,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","example","infosecsimplified","metadata","qeeqbox","sim","swapping","visualization","vulnerability"],"created_at":"2024-11-15T17:37:09.171Z","updated_at":"2026-03-10T05:31:03.680Z","avatar_url":"https://github.com/qeeqbox.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e \u003cimg src=\"https://raw.githubusercontent.com/qeeqbox/two-factor-authentication-sim-swapping/main/two-factor-authentication-sim-swapping.png\"\u003e\u003c/p\u003e\n\nAn adversary may utilize a sim swapping attack for defeating 2fa authentication.\n\n## Example #1\n1. Adversary steals the username and password pair for website\n2. Adversary compromises the victim's phone (convinces cell phone provider to swap victim's phone number with a different sim they own)\n3. Adversary logs in with the stolen username and password\n4. Adversary receives a pin code on the compromised phone and uses it for verification.\n\n## Impact\nHigh\n\n## Risk\n- gain unauthorized access\n\n## Redemption\n- use more factors\n\n## ID\n58a84977-90e1-4156-a555-8568e83115d0\n\n## References\n- [howtogeek](hthttps://www.howtogeek.com/668922/how-to-protect-yourself-from-sim-swapping-attacks/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqeeqbox%2Ftwo-factor-authentication-sim-swapping","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqeeqbox%2Ftwo-factor-authentication-sim-swapping","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqeeqbox%2Ftwo-factor-authentication-sim-swapping/lists"}