Packages and Binaries:


This package contains a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.

This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a browser and phished website. Present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.

Installed size: 10.13 MB
How to install: sudo apt install evilginx2

  • libc6
root@kali:~# evilginx2 -h
Usage of evilginx2:
  -c string
    	Configuration directory path
    	Enable debug output
    	Enable developer mode (generates self-signed certificates for all hostnames)
  -p string
    	Phishlets directory path
  -t string
    	HTML redirector pages directory path
  -v	Show version

Updated on: 2024-May-23