evilginx2: Advanced Phishing with 2FA Bypass Framework
Summary
evilginx2 is a powerful man-in-the-middle attack framework designed for advanced phishing campaigns. It effectively captures login credentials and session cookies, enabling the bypass of two-factor authentication. Written in Go, this standalone application integrates its own HTTP and DNS server for easy setup and use.
Repository Info
Tags
Click on any tag to explore related repositories
Introduction
evilginx2 is a sophisticated man-in-the-middle (MitM) attack framework designed for advanced phishing campaigns. It specializes in capturing login credentials and session cookies, effectively bypassing two-factor authentication (2FA) mechanisms. As the successor to the original Evilginx, this version is entirely written in Go, operating as a standalone application with its own integrated HTTP and DNS server, making it remarkably easy to deploy and use.
The framework is a powerful tool for demonstrating what adept attackers can achieve. It is crucial to note that evilginx2 should only be used in legitimate penetration testing assignments with explicit written permission from all involved parties.
Installation
To get started with evilginx2, please refer to the comprehensive official documentation for detailed installation instructions and setup guides. The documentation covers everything from initial setup to configuring phishlets and launching your first campaign.
Examples
evilginx2 operates by setting up a reverse proxy that intercepts traffic between a victim and a legitimate website. It utilizes "phishlets" to define how to proxy specific websites, allowing it to capture credentials and session cookies in real-time. This capability enables security professionals to demonstrate how attackers can bypass multi-factor authentication by replaying the captured session.
For those looking to integrate evilginx2 with other tools, an official Gophish integration is available. This allows for streamlined phishing email campaigns that are compatible with evilginx2's advanced capabilities.
Why Use
evilginx2 is an indispensable tool for security professionals engaged in penetration testing and red team operations. Its unparalleled ability to bypass 2FA makes it highly effective in simulating real-world, sophisticated phishing attack vectors. The framework's standalone nature, written in Go, ensures simplified deployment and offers a robust, easy-to-use solution for demonstrating and understanding advanced phishing scenarios. It serves as a vital resource for defenders to comprehend and mitigate such threats.
Links
- GitHub Repository: kgretzky/evilginx2
- Official Documentation: help.evilginx.com
- Evilginx Pro: evilginx.com (Commercial version with advanced features)
- Evilginx Mastery Training Course: academy.breakdev.org/evilginx-mastery
- Gophish with Evilginx integration: kgretzky/gophish
- Evilginx 3.0 Release Blog Post: breakdev.org/evilginx-3-0-evilginx-mastery/