216.73.217.22

evilginx2

The MITRE Corporation · Published 30/01/2026 21:15 · Modified 04/05/2026 16:31

Essential information

Confidence
75/100
Published
30/01/2026 21:15
Modified
04/05/2026 16:31
Revoked
No
Author / Source
The MITRE Corporation
Related entities
14 attack patterns (mitre)

Description

[evilginx2](https://attack.mitre.org/software/S9003) is an open-source adversary-in-the-middle (AiTM) attack framework based on the open-source nginx web server. [evilginx2](https://attack.mitre.org/software/S9003) can be used as a reverse proxy between victims and legitimate web services to intercept and capture credentials, authentication tokens, and session cookies.(Citation: Evilginx 2 July 2018)(Citation: Breakdev Evilginx 2.1 SEP 2018)(Citation: Sophos Evilginx MAR 2025)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Attack patterns, malware, vulnerabilities, indicators, intrusion sets, tools and other entities linked to this tool.