Microsoft Edge - SmartScreen Page Spoof
The original version of this PoC was patched here,
but a simple change was found the same day of the patch: instead of encoding the dot, we are now adding a double slash before the "BlockSite".
Please, read the full blog-post for more information.
How to bypass the patch to keep spoofing the address bar with the Malware Warning
"BlockedDomain=" + tUrl.value + "&Host=" + taMsg.value + "#" + tUrl.value);
Questions? Ping me at @magicmac2000