# Evilginx 3.9.0 Mod

####                                           

We decided to make a good mod for Evilginx. By adding Evil Puppet to it / Sending notifications via Discord / Module for generating PHISHLETs, collecting configurations via Burp Suite \[ Functionality:

* Template Generation: The module can create various violet templates that mimic legitimate websites.
* Content Customization: The user can customize text, images, and other elements to make the phishlet more believable.
* Integration with Burp Suite: The module can be integrated into Burp Suite to facilitate the testing and vulnerability analysis process.
* Automation: Allows you to quickly create many phishlets for different scenarios.]
* Telegram / Discord WebHook.
* Identifier obfuscation to prevent websites from detecting evilginx.
* Fixed: Cookie grab failure when cookies have protection symbols. (Problem was that some of the symbols used in cookies are not supported by the original evilginx and it can't detect the set-cookie event. )
* Fixed: Stability issues with original evilginx. Open doors to handle unlimited number of users at the same time.
* Fully obfuscated hardcoded http\_proxy.go file that is not readable to prevent fast red-flag on domains.
* Capture and proxying captcha / re / h /v2,v3.
* Cloudflare: Required if site has Cloudflare Anti-DDoS page enabled.
* BotGuard: Required for sites like Google (verified, trusted accounts), Microsoft o365 (some of) 3rd parties login pages usually big companies or extra protection without it lets say only 70% accounts would work etc etc.
* hCaptcha, recaptcha - Required for sites that have hCaptcha, recaptcha on forms or as Anti-Ddos.
* GeeTest: Needed for crypto websites like Binance, Coinbase, Blockchain etc etc
* Custom JS: Required for sites that have their own protection for certain actions.

#### Adding "interceptors" to Evilginx //

* You will be able to monitor and analyze HTTP requests and WebSocket messages that pass through your Evilginx server. This can help in understanding user behavior and identifying potential vulnerabilities.
* Data collection. Intercepting requests may allow you to collect information about users, such as credentials, access tokens, and other sensitive information, if you use Evilginx for phishing.
* Debugging. If you are developing or testing your Evilginx templates, JavaScript code integration can help you debug and identify functionality issues by showing what data is being sent and received.
* Adaptation and modification: By using request interception, you can adapt the behavior of your Evilginx server depending on the data received, for example, change messages or redirects based on the contents of requests. [Low-level network interception library](https://github.com/mswjs/interceptors)

<figure><img src="/files/01ZybpCUfhbtVHohNpVQ" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://rproxylab.gitbook.io/evilginx-lab-by-cfs0x/getting-started/publish-your-docs/evilginx-3.9.0-mod.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.