Evilginx2 Phishlet Collection
Version: v2.5
Difficulty: Advanced
Updated: 2025-04-01
Category: Social Engineering

$149.99

Evilginx2 Phishlet Collection — 12 Phishlets

Updated and tested phishlets for Evilginx2 that capture session tokens post-MFA:

  • Microsoft 365 — Full phishlet covering login.microsoftonline.com with ESTSAUTH/ESTSAUTHPERSISTENT cookie capture for persistent access.
  • Google Workspace — Gmail/Google phishlet with SID/HSID/SSID cookie capture, bypassing Google Prompt 2FA.
  • LinkedIn — Captures li_at session token enabling full account access without re-authentication.
  • AWS Console — Captures AWS session cookies from the AWS Management Console login flow.
  • Okta — Phishlet for Okta SSO portal capturing session tokens and DT cookies for session persistence.
  • GitHub — Captures user_session and __Host-user_session_same_site cookies for full GitHub account access.
  • Additional Targets — Includes phishlets for Duo Security, Azure AD, Salesforce, Slack, Zoom, and Dropbox, all tested against current authentication flows.