2018-09-07
- Developer mode added - start Evilginx with argument
-developerand it will auto generate self-signed certificates for your phishing pages. Generated CA root certificate, that you can import into your certificate store, can be found at$HOME/.evilginx/ca.crt. - Added
phishlets get-hostscommand to generate/etc/hostslocal IP address mappings for any phishlet. - Added auto-detection of
httpOnlyandhostOnlycookie flags. - Completely rewrote authentication token detection and database storage (previously captured sessions will not load properly in this version).
- Phishlets now properly handle
.website.comvswebsite.comcookie domains - Added support for regular expressions in detecting authentication token cookie names. Use
regexpflag with,separator in cookie name like this_session_[0-9]{6},regexp. - Fixed bug that prevented usage of empty subdomains in phishlets.