gwen001
commented
1 year ago Issue correctly handled, tool is waiting for human validation.
Closed gwen001 closed 1 year ago
gwen001
commented
1 year ago Issue correctly handled, tool is waiting for human validation.
gwen001
commented
1 year ago Tool has been accepted by the team: https://offsec.tools/tool/evilgophish
Thank you for your contribution!
[tags]phishing,emails,framework[/tags] [short_descr]Combination of evilginx3 and GoPhish.[/short_descr] [link] https://github.com/fin3ss3g0d/evilgophish [/link] [long_descr] As a penetration tester or red teamer, you may have heard of evilginx3 as a proxy man-in-the-middle framework capable of bypassing two-factor/multi-factor authentication. This is enticing to us to say the least, but when trying to use it for social engineering engagements, there are some pain points.
1/ Lack of tracking - evilginx3 does not provide unique tracking statistics per victim (e.g. opened email, clicked link, etc.), this is problematic for clients who want/need/pay for these statistics when signing up for a social engineering engagement.
2/ Not a full social engineering toolkit - evilginx3 only provides proxy man-in-the-middle capabilities, it does not provide all of the functionality required for a social engineering campaign via email/SMS. For example, it does not send emails to targets or provide this functionality.
3/ No GUI - do we really need to explain this one further? We all love our GUIs and the visual representation of data for a social engineering campaign is invaluable. Operators can really get a thorough understanding as to the success of their social engineering campaigns by being able to view a visual representation of the data. [/long_descr] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/6a7de4a060790936219d4c3e66a1ce62.png [/image] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/d880028cbaec22d3e2fda1d5d6db6d3a.png [/image]