8 releases 8 tags

RSS feed

• v3.2.0 a8d2cd3fd0

  Compare

  v3.2.0 Stable

  kerem released this 2023-08-24 12:56:32 +03:00 | 24 commits to master since this release

  📅 Originally published on GitHub: Thu, 24 Aug 2023 10:01:14 GMT
  🏷️ Git tag created: Thu, 24 Aug 2023 09:56:32 GMT

  • Feature: URL redirects on successful token capture now work dynamically on every phishing page. Pages do not need to reload or redirect first for the redirects to happen.
  • Feature: Lures can now be paused for a fixed time duration with lures pause <id>. Useful when you want to briefly redirect your lure URL when you know sandboxes will try to scan them.
  • Feature: Added phishlet ability to intercept HTTP requests and return custom responses via a new intercept section.
  • Feature: Added a new optional redirect_url value for phishlet config, which can hold a default redirect URL, to redirect to, once tokens are successfully captured. redirect_url set for the specific lure will override this value.
  • Feature: You can now override globally set unauthorized redirect URL per phishlet with phishlet unauth_url <phishlet> <url>.
  • Fixed: Disabled caching for HTML and Javascript content to make on-the-fly proxied content replacements and injections more reliable.
  • Fixed: Improved JS injection by adding <script src"..."> references into HTML pages, instead of dumping the whole script there.
  • Fixed: Blocked requests will now redirect using javascript, instead of HTTP location header.
  • Fixed: Changed redirect_url to unauth_url in global config to avoid confusion.
  • Fixed: Fixed HTTP status code response for Javascript redirects.
  • Fixed: Javascript redirects now happen on text/html pages with valid HTML content.
  • Fixed: Removed ua_filter column from the lures list view. It is still viewable in lure detailed view.

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads