Information Gathering Password Attacks

Evilginx – MITM Attack Framework anAdvanced Phishing with Two-factor Authentication Bypass

Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It’s core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server.

Example:

Video Demo:

Note:
Evilginx can be adapted to work with any website, not only with Google.

Disclaimer:

This project is released for educational purposes and should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties.

Download Evilginx at GitHub

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply