Varonis Threat Labs analyzed Bluekit, a comprehensive Phishing-as-a-Service platform that consolidates domain management, site creation, credential harvesting, and session token theft into a single dashboard. Notably, the kit integrates an AI Assistant powered by uncensored LLMs to draft phishing lures and features advanced post-login session hijacking capabilities, including automated cookie dumping and live target monitoring to bypass standard MFA controls.