Home / Attack / Cookies / Evilginx / Framework / Man-in-the-Middle / Man-in-the-Middle Attack Framework / MITM / MITM Framework / Phishing / Web / Evilginx - MITM Attack Framework [Advanced Phishing With Two-factor Authentication Bypass]

Evilginx - MITM Attack Framework [Advanced Phishing With Two-factor Authentication Bypass]

| Post sponsored by FaradaySEC | Multiuser Pentest Environment

Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server.

You can learn how it works and how to install everything yourself on:

Usage
usage: evilginx_parser.py [-h] -i INPUT -o OUTDIR -c CREDS [-x]

optional arguments:
  -h, --help            show this help message and exit
  -i INPUT, --input INPUT
                        Input log file to parse.
  -o OUTDIR, --outdir OUTDIR
                        Directory where output files will be saved.
  -c CREDS, --creds CREDS
                        Credentials configuration file.
  -x, --truncate        Truncate log file after parsing.
Example:
python evilginx_parser.py -i /var/log/evilginx-google.log -o ./logs -c google.creds

Video
Evilginx - MITM Attack Framework [Advanced Phishing With Two-factor Authentication Bypass] Evilginx - MITM Attack Framework [Advanced Phishing With Two-factor Authentication Bypass] Reviewed by Zion3R on 11:12 AM Rating: 5