- Joined
- May 15, 2017
- Messages
- 981
- Likes
- 760
- Points
- 1,045
Evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.
This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a browser and phished website.
Present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.
Installing from source
In order to compile from source, make sure you have installed GO of version at least 1.10.0 (get it from here) and that $GOPATHenvironment variable is set up properly (def. $HOME/go).
After installation, add this to your ~/.profile, assuming that you installed GO in /usr/local/go:
Now you should be ready to install evilginx2. Follow these instructions:
This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a browser and phished website.
Present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.
Installing from source
In order to compile from source, make sure you have installed GO of version at least 1.10.0 (get it from here) and that $GOPATHenvironment variable is set up properly (def. $HOME/go).
After installation, add this to your ~/.profile, assuming that you installed GO in /usr/local/go:
Then load it with source ~/.profiles.
Now you should be ready to install evilginx2. Follow these instructions:
You can now either run evilginx2 from local directory like:
or install it globally:
Download Evilginx2