• v3.3.0 55579600ca

    v3.3.0 Stable

    kerem released this 2024-04-02 16:20:57 +03:00 | 5 commits to master since this release

    📅 Originally published on GitHub: Tue, 02 Apr 2024 13:34:24 GMT
    🏷️ Git tag created: Tue, 02 Apr 2024 13:20:57 GMT

    Go & Phish - Official Gophish integration released!

    You can learn more about this update in the official blog post: https://breakdev.org/evilginx-3-3-go-phish/

    CHANGELOG

    • Feature: Official Gophish integration, using the fork: https://github.com/kgretzky/gophish
    • Feature: Added support for loading custom TLS certificates from a public certificate file and a private key file stored in ~/.evilginx/crt/sites/<hostname>/. Evilginx will load either a fullchain.pem and privkey.pem pair, or a combination of a .pem/.crt (public certificate) file and a .key (private key) file. Make sure to run without the -developer flag and to disable autocert retrieval with config autocert off.
    • Feature: Added ability to inject force_post POST parameters into JSON content body (by @yudasm_).
    • Feature: Added ability to disable automated TLS certificate retrieval from LetsEncrypt with config autocert <on/off>.
    • Feature: Evilginx will now properly recognize the origin IP for requests coming from behind a reverse proxy (nginx/apache2/cloudflare/azure).
    • Fixed: Infinite redirection loop if the lure URL path was the same as the login path defined in the phishlet.
    • Fixed: Added support for exported cookies with names prefixed with __Host- and __Secure-.
    • Fixed: Global unauth_url can now be set to an empty string to have the server return 403 on unauthorized requests.
    • Fixed: Unauthorized redirects and blacklisting would be ignored for proxy_hosts with session: false (default), making it easy for external scanners to detect Evilginx.
    • Fixed: IP address 127.0.0.1 is no longer added to the IP blacklist.
    • Fixed: Added support for more TLDs to use with phishing domains (e.g. xyz, art, tech, wiki, lol & more).
    • Fixed: Credentials will now also be captured from intercepted requests.