evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Results 370 evilginx2 issues

**Update** (23/08/25): the PR adds - [fix] request interception - [fix] request header capture - [feature] response interception - [feature] response header capture --- Hello there, This PR contains two...

The HTTP proxy should respect the IPv4 address set in the configuration and not listen on 0.0.0.0, so it won't interfere with other daemons listening on the same port on different (specific)...

Hi! I have been working on handling the response headers. Instead of deleting most of them, with this change, evilginx adapts them with the correct phishing domain. This was tested...

There were quite a few TLDs missing from the `http_proxy.go`. I added them from the original list but excluded special character TLDs. The sort order is on purpose (longest to...

The session summary display table in terminal.go previously used Sprintf for formatting text (phishlet, username, password, and URL). When any of these contained a '%' followed by specific characters, as...

Enhanced Javascript : - MutationObserver to wait for form to load - Prevent and disable propagation when clicking on login - Send the password unencoded to Evilginx2 threw a useless...

This PR adds the ability to configure webhook notifications via the evilginx config file. By setting `webhook_url` and `webhook_param`, it is possible to extract params from proxied requests and forward...

V1. 2FA/Session tokens capture does not work. Will only grab User/Pass.

While deprecated, it may be good practice to remove these headers to help prevent any reported violations.