# kgretzky/evilginx2

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/kgretzky-evilginx2).**

14,627 stars · 2,551 forks · Go · bsd-3-clause

## Links

- GitHub: https://github.com/kgretzky/evilginx2
- awesome-repositories: https://awesome-repositories.com/repository/kgretzky-evilginx2.md

## Description

Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking.

The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies content obfuscation to evade detection by security filters. These capabilities allow for the simulation of sophisticated phishing attacks and the assessment of organizational resilience against credential harvesting.

The project includes comprehensive traffic management features, such as heuristic bot filtering, to protect the integrity of captured data from automated security scanners. It also provides a unified workflow for managing phishing campaigns, including the coordination of email delivery and the tracking of user interactions.

The software is distributed as a command-line tool that handles the end-to-end configuration of network settings and domain resolution.

## Tags

### Security & Cryptography

- [Session-Based Authentication Proxies](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/session-and-credential-handling/session-credential-management/session-based-authentication-proxies.md) — The project intercepts and relays web authentication requests between a client and a target service to capture credentials and session tokens in real time. ([source](https://github.com/kgretzky/evilginx2#readme))
- [Man-in-the-Middle Frameworks](https://awesome-repositories.com/f/security-cryptography/man-in-the-middle-frameworks.md) — Intercepts and relays encrypted web traffic between a client and a target server to capture authentication credentials and session cookies.
- [Phishing Attack Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/phishing-attack-tools.md) — | Creating realistic phishing simulations to educate employees on identifying malicious links and protecting their credentials during daily web authentication tasks.
- [Session Hijacking](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/authentication-bypass-techniques/session-hijacking.md) — Implements session hijacking to bypass multi-factor authentication by capturing and reusing valid authentication cookies. ([source](https://github.com/kgretzky/evilginx2#readme))
- [Multi-Factor Authentication Bypass Testing](https://awesome-repositories.com/f/security-cryptography/multi-factor-authentication-bypass-testing.md) — | Testing the resilience of authentication workflows against man-in-the-middle attacks that attempt to capture session cookies and bypass secondary verification.
- [Certificate Lifecycle Management](https://awesome-repositories.com/f/security-cryptography/certificate-lifecycle-management.md) — The project manages the generation and automatic renewal of encryption certificates for proxied domains to ensure secure and seamless connections without manual intervention. ([source](https://github.com/kgretzky/evilginx2/blob/master/main.go))
- [Automated Certificate Management](https://awesome-repositories.com/f/security-cryptography/network-infrastructure-security/web-network-security/security-https/automated-certificate-management.md) — Handles the automatic generation and renewal of encryption certificates to maintain secure connections for proxied domains without manual intervention.
- [Offensive & Red Team Operations](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team.md) — | Automating the deployment of proxy servers and security certificates to conduct controlled security exercises while evading automated detection and filtering systems.
- [Proxy Templates](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/phishing-attack-tools/proxy-templates.md) — Uses modular template definitions to dictate how specific web services are proxied and which authentication parameters are intercepted. ([source](https://github.com/kgretzky/evilginx2/blob/master/main.go))
- [Anti-Bot Evasion](https://awesome-repositories.com/f/security-cryptography/bot-detection/anti-bot-evasion.md) — The project applies obfuscation techniques and browser protection bypasses to ensure infrastructure remains undetected by security filters and automated analysis tools. ([source](https://github.com/kgretzky/evilginx2/blob/master/README.md))
- [Bot Blocking](https://awesome-repositories.com/f/security-cryptography/application-and-system-security/browser-security/content-filtering-blocking/bot-blocking.md) — Analyzes incoming request patterns to identify and block automated security scanners and non-human traffic from interacting with the proxy.
- [Web Content Obfuscators](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-hardening-and-protection/code-obfuscators/web-content-obfuscators.md) — The project applies automated transformations to web code to evade browser-based security filters and detection mechanisms during data collection. ([source](https://github.com/kgretzky/evilginx2#readme))
- [Traffic Filtering](https://awesome-repositories.com/f/security-cryptography/traffic-filtering.md) — Filters incoming traffic to block automated bots and security scanners from interacting with the proxy infrastructure. ([source](https://github.com/kgretzky/evilginx2#readme))

### Web Development

- [Authentication Proxy Templates](https://awesome-repositories.com/f/web-development/template-data-binding/template-data-injection/authentication-proxy-templates.md) — Uses modular configuration files to dynamically rewrite web page content and intercept specific parameters during the authentication flow.

### Development Tools & Productivity

- [Phishing Campaign Orchestrators](https://awesome-repositories.com/f/development-tools-productivity/email-delivery-services/phishing-campaign-orchestrators.md) — The project integrates with external email delivery services to coordinate the distribution of links and track user interactions through a unified workflow. ([source](https://github.com/kgretzky/evilginx2#readme))

### Networking & Communication

- [Traffic Routing](https://awesome-repositories.com/f/networking-communication/traffic-routing.md) — Resolves custom domain requests to redirect incoming traffic through the proxy infrastructure for specific target web services.

### DevOps & Infrastructure

- [Infrastructure Deployment](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-deployment.md) — The project provisions servers and configures network settings, including domain names and security certificates, to establish operational environments with minimal manual intervention. ([source](https://github.com/kgretzky/evilginx2/blob/master/README.md))
- [Security Assessment Frameworks](https://awesome-repositories.com/f/devops-infrastructure/security-automation-workflows/security-assessment-frameworks.md) — A platform for deploying and managing automated phishing campaigns and testing organizational resilience against advanced credential harvesting attacks.