powershell VS evilginx2

Compare powershell vs evilginx2 and see what are their differences.

powershell

Repository for powershell scripts and functions I have built. (by FourThreeSeven)

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication (by kgretzky)
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • Onboard AI - ChatGPT with full context of any GitHub repo.
  • WorkOS - The modern API for authentication & user identity.
powershell evilginx2
4 30
11 9,467
- -
4.1 6.2
5 months ago 19 days ago
PowerShell Go
- BSD 3-clause "New" or "Revised" License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

powershell

Posts with mentions or reviews of powershell. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-06-15.

evilginx2

Posts with mentions or reviews of evilginx2. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-10-10.
  • Google announces passwordless by default: Make the switch to passkeys
    6 projects | news.ycombinator.com | 10 Oct 2023
    No, if you break into a site using passkeys, it gives you literally zero information that can be used to authenticate as any of the users. Think about the prevalence of data breaches in the past decade, and the sharp rise in the effectiveness of password stuffing, and think about why this change might be a good idea.

    Also even with traditional 2FA, TOTP can be phished. See https://github.com/kgretzky/evilginx2

    WebAuthn almost entirely eliminates phishing risk, and Passkeys are a really nice, clean UX for using WebAuthn.

  • I’ve been stuck on this situation for 3 days, does anyone know how to fix this?
    2 projects | /r/github | 17 Sep 2023
    So I downloaded this onto my computer https://github.com/kgretzky/evilginx2 and that took while since I’m new to GitHub and I barely know my way around computers. That went fine, i noticed there was another repository that was pretty much an add on to that same software I downloaded earlier “evilginx2” by another creator, this is the link https://github.com/simplerhacking/Evilginx3-Phishlets
  • MFA Just Casually being bypassed?? Anyone else seeing this?
    2 projects | /r/sysadmin | 15 Jun 2023
    We had a user compromised simiarly the other day, with what I believe to be https://github.com/kgretzky/evilginx2 now. It stole his session cookie and was able to auth. Fortunately, we have Office 365 Defender and he was flagged immediately on the risky user sign-ins and we were able to block and investigate.
  • Accounting got phished. Paid out big bucks
    3 projects | /r/sysadmin | 31 May 2023
    Evilginx kan bypass MFA and hijack your session https://github.com/kgretzky/evilginx2 Only thing that migitates this is fido keys
  • Phish a User with MFA Enabled
    3 projects | /r/redteamsec | 4 Oct 2022
  • best phishing site or code for hacking insta
    2 projects | /r/hacking | 25 May 2022
  • Soft skills
    4 projects | /r/ProgrammerHumor | 25 Jan 2022
    A good example of this I've run into is evilnginx2 which is a scary piece of software that allows you to somewhat easily do a MITM phishing attack that can even grab MFA tokens. When I ran into a client having an issue with somebody using the same sort of method to phish their site I was able to find ways to mitigate it. This was thanks to evilnginx2 being a proof of concept project which allowed me to easily test ways of blocking it.
  • Launch HN: Keyri (YC S21) – Secure smartphone-based passwordless authentication
    4 projects | news.ycombinator.com | 4 Aug 2021
    Login on desktop happens through scanning a QR code on the service's login page using the service's app. On a mobile device, logging in happens by tapping a button and being verified by biometrics (FaceID etc.) or a passcode (if enabled by the developer).

    TOTP is an objectively worse UX - first you type in your username, then password, then open your phone, open the relevant app, read the code, and type in the code before it expires. With Keyri, you open the relevant app, tap a "scan" UI element, and point it at your screen. No typing, memorization, or race against the clock. Also, with TOTP, you're pulling out your phone and navigating to a specific app anyway, so I don't understand your UX objection. I'm also struggling to picture a situation in which a laptop or other device has connectivity but a phone does not. Presumably the laptop is on a WiFi network that the phone can also connect to. If the laptop is using some sort of satellite connection module, that module and/or laptop can fire up a hotspot. This connectivity problem would also arise in the push notification solution you propose in the next sentence.

    Push notification solutions ("prompts") are defeatable using trivial man-in-the-middle phishing techniques. For example: https://github.com/kgretzky/evilginx2. Authenticator-initiated authentication solutions with two-way authentication like Keyri eliminate phishing.

    4 projects | news.ycombinator.com | 4 Aug 2021
    > The way I use passwords is way safer than Keyri

    I don't see how that is possible.

    (1) Keyri private keys cannot be stolen other than through smartphone malware, which is exceedingly rare, while password managers and older USB keys are vulnerable to desktop malware, which is much more common - both credential stealers and, in the case of older generations of Yubikeys, keyloggers. Hardware OTP devices are additionally vulnerable man-in-the-middle phishing attacks (though the HN audience is generally savvy enough to not fall for phishing) - https://github.com/kgretzky/evilginx2.

    (2) As long as you rely on passwords and TOTP, you're relying on the shared secret paradigm and trusting the relying party to handle your credentials properly. If the relying party's credential store is breached and the credentials were improperly stored (common even today), your credentials (both your password and OTP secrets) can be used by a bad actor to access your account. Public key systems like Keyri and FIDO2 substantially reduce this risk.

    > As I said in a comment below, the fact that companies "can afford" is not the same as "it's worth it" to them

    Please see my response below regarding account sharing. In short, eliminating account sharing in order to enforce TOS is an opportunity to (a) improve security (b) improve UX in cases where provisioning multiple users access to one account is warranted.

    > Finally, with OpenID, I can set up my own identity provider, or use a privacy conscious one.

    As you note, the vast majority of web services don't support arbitrary identity providers or use privacy conscious ones. History has proven that people don't set up their own identity provider. Additionally, the universe of "privacy conscious" OIDC providers is limited (non-existent?).

  • Engineering a real-time phishing simulation proxy in Rust
    3 projects | /r/programming | 2 Feb 2021
    * https://github.com/kgretzky/evilginx2

What are some alternatives?

When comparing powershell and evilginx2 you can also consider the following projects:

Modlishka - Modlishka. Reverse Proxy.

muraena - Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.

awesome-lnurl - A curated list of awesome lnurl things.

css-only-chat - A truly monstrous async web chat using no JS whatsoever on the frontend

evilgophish - evilginx3 + gophish

htmx - </> htmx - high power tools for HTML

Evilginx2-Phishlets - Evilginx2 Phishlets version (0.2.3) Only For Testing/Learning Purposes

CSS_SQL_Networking_Tools - Tools used by the SQL Networking Customer Support Team

KeePass2.x - unofficial mirror of KeePass2.x source code

passkey-rs - A framework for defining Webauthn Authenticators that support passkeys

keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

Evilginx3-Phishlets - Learn my systematic process of creating Evilginx Phishlets from scratch: https://www.simplerhacking.com