Hey guys,
I'm providing new Evilginx2 3.0 setup and management service for who need help to maintain their phishing operations. I can build your own configs, yaml (phishlets) and maintain your server to keep it online & secure.
Operation Security is most important thing and if you're willing to jump into phishing then you need someone who is experienced and professional. I'm not saying I'm the BEST but I can guarantee that if you follow my advice to maintain your process, you'll be good.
Price range: $500/mo - $1500/mo (depends on how complex your project is.)
Also, I can setup your Cobalt Strike with Evil GoPhish which combination of evilginx2 3.0 and GoPhish. (Monthly $1500 in this case)
I DON'T WORK FOR:
If you're distributing ransomware,
If you're phishing children,
If you're phishing people whom are in trouble already,
If you're targeting governments, health companies, non-profit organizations,
If you're part of any kind of terrorism group.
Note: Escrow accepted. First Contact always via PM.
I'm providing new Evilginx2 3.0 setup and management service for who need help to maintain their phishing operations. I can build your own configs, yaml (phishlets) and maintain your server to keep it online & secure.
Operation Security is most important thing and if you're willing to jump into phishing then you need someone who is experienced and professional. I'm not saying I'm the BEST but I can guarantee that if you follow my advice to maintain your process, you'll be good.
Price range: $500/mo - $1500/mo (depends on how complex your project is.)
Also, I can setup your Cobalt Strike with Evil GoPhish which combination of evilginx2 3.0 and GoPhish. (Monthly $1500 in this case)
I DON'T WORK FOR:
If you're distributing ransomware,
If you're phishing children,
If you're phishing people whom are in trouble already,
If you're targeting governments, health companies, non-profit organizations,
If you're part of any kind of terrorism group.
Note: Escrow accepted. First Contact always via PM.
-
- Feature: TLS certificates from LetsEncrypt will now get automatically renewed.
- Feature: Automated retrieval and renewal of LetsEncrypt TLS certificates is now managed by certmagic library.
- Feature: Authentication tokens can now be captured not only from cookies, but also from response body and HTTP headers.
- Feature: Phishing pages can now be embedded inside of iframes.
- Feature: Changed redirection after successful session capture from Location header redirection to injected Javascript redirection.
- Feature: Changed config file from config.yaml to config.json, permanently changing the configuration format to JSON.
- Feature: Changed open-source license from GPL to BSD-3.
- Feature: Added always modifier for capturing authentication cookies, forcing to capture a cookie even if it has no expiration time.
- Feature: Added phishlet <phishlet> command to show details of a specific phishlet.
- Feature: Added phishlet templates, allowing to create child phishlets with custom parameters like pre-configured subdomain or domain. Parameters can be defined anywhere in the phishlet file as {param_name} and every occurence will be replaced with pre-configured parameter values of the created child phishlet.
- Feature: Added phishlet create command to create child phishlets from template phishlets.
- Feature: Renamed lure templates to lure redirectors due to name conflict with phishlet templates.
- Feature: Added {orig_hostname} and {orig_domain} support for sub_filters phishlet setting.
- Feature: Added {basedomain} and {basedomain_regexp} support for sub_filters phishlet setting.
- Fixed: One target can now have multiple phishing sessions active for several different phishlets.
- Fixed: Cookie capture from HTTP packet response will not stop mid-term, ignoring missing opt cookies, when all authentication cookies are already captured.
- Fixed: trigger_paths regexp will now match a full string instead of triggering true when just part of it is detected in URL path.
- Fixed: Phishlet table rows are now sorted alphabetically.
- Fixed: Improved phishing session management to always create a new session when lure URL is hit if session cookie is not present, even when IP whitelist is set.
- Fixed: WebSocket connections are now properly proxied.
Последнее редактирование модератором:
