search

kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.54k stars 1.91k forks source link

Bots crawling prevention #785

Closed pentest01 closed 1 year ago

pentest01 commented 2 years ago

How does evilginx prevent bot crawling your lure id, or is there a way to configure evilginx to work with redirect rules.

Jamesmich12 commented 2 years ago

Yes there's a way to hide it from bots

Manmade404 commented 2 years ago

Yes there's a way to hide it from bots

How can I do that?

Kevin3-00 commented 2 years ago

Checkout nakedpages https://github.com/nakedpages/nakedpages

Do you have proof this really works?

oldkingcone commented 2 years ago

id suggest looking into something with

https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

and maybe some PHP for the uncaught ones.

Kevin3-00 commented 2 years ago

id suggest looking into something with

https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

and maybe some PHP for the uncaught ones.

Looks promising but have you personally tested it with evilgin link?

oldkingcone commented 2 years ago

i have not, but i only use nginx.

Kevin3-00 commented 2 years ago

i have not, but i only use nginx.

I went through it long steps just want to be sure it works before following such steps

Kevin3-00 commented 2 years ago

i have not, but i only use nginx.

I followed you is there a way I can pm you?