Evilginx is a cool tool for creating phishing sites for any resource. The public has configs for many popular websites: Google, Outlook, LinkedIn, Instagram, etc. Personally, I have already created more than 10 phishing sites using this tool.
The peculiarity of this type of phishing is that the user sees the real website only by your phishing URL, and you can intercept all the information you need from http traffic (credits, tokens, cookies) + manipulate the real content of the site using custom JS code.
For example, my phishing for VK is a real VK website with full functionality of the site (2-factor, password reset, registration, profile, feed, messages, etc.), while the account flies to my server.
The creator of evilginx sells a course on this tool for 399 Eur
Source: https://academy[.]breakdev[.]org/evilginx-mastery
The peculiarity of this type of phishing is that the user sees the real website only by your phishing URL, and you can intercept all the information you need from http traffic (credits, tokens, cookies) + manipulate the real content of the site using custom JS code.
For example, my phishing for VK is a real VK website with full functionality of the site (2-factor, password reset, registration, profile, feed, messages, etc.), while the account flies to my server.
The creator of evilginx sells a course on this tool for 399 Eur
Source: https://academy[.]breakdev[.]org/evilginx-mastery
LOL its down there
