Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It’s core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server.
Usage usage: evilginx_parser.py [-h] -i INPUT -o OUTDIR -c CREDS [-x] optional arguments: -h, --help show this help message and exit -i INPUT, --input INPUT Input log file to parse. -o OUTDIR, --outdir OUTDIR Directory where output files will be saved. -c CREDS, --creds CREDS Credentials configuration file. -x, --truncate Truncate log file after parsing.
Example:
python evilginx_parser.py -i /var/log/evilginx-google.log -o ./logs -c google.creds
Video Demo:
https://vimeo.com/212463675
Note:
Evilginx can be adapted to work with any website, not only with Google.
Disclaimer:
This project is released for educational purposes and should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties.