Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Go & Phish - Official Gophish integration released!
You can learn more about this update in the official blog post: https://breakdev.org/evilginx-3-3-go-phish/
CHANGELOG
Feature: Official GoPhish integration, using the fork: https://github.com/kgretzky/gophish
Feature: Added support to load custom TLS certificates from a public certificate file and a private key file stored in ~/.evilginx/crt/sites/<hostname>/. Will load fullchain.pem and privkey.pem pair or a combination of a .pem/.crt (public certificate) and a .key (private key) file. Make sure to run without -developer flag and disable autocert retrieval with config autocert off.
Feature: Added ability to inject force_post POST parameters into JSON content body (by @yudasm_).
Feature: Added ability to disable automated TLS certificate retrieval from LetsEncrypt with .
config autocert <on/off>
Feature: Evilginx will now properly recognize origin IP for requests coming from behind a reverse proxy (nginx/apache2/cloudflare/azure).
Fixed: Infinite redirection loop if the lure URL path was the same as the login path defined in the phishlet.
Fixed: Added support for exported cookies with names prefixed with __Host- and __Secure-.
Fixed: Global unauth_url can now be set to an empty string to have the server return 403 on unauthorized requests.
Fixed: Unauthorized redirects and blacklisting would be ignored for proxy_hosts with session: false (default) making it easy to detect evilginx by external scanners.
Fixed: IP address 127.0.0.1 is now ignored from being added to the IP blacklist.
Fixed: Added support for more TLDs to use with phishing domains (e.g. xyz, art, tech, wiki, lol & more)
Fixed: Credentials will now be captured also from intercepted requests.