Evilginx Phishlet Developer Program (2025) is Out Now!
Enroll in Our Newest Course Now!
Why I decided to make this course
I've received hundreds of messages about making phishlets for Evilginx. Instead of answering all questions and requests, it would be more beneficial to explain how I make phishlets from scratch.
I released my Evilginx3 Phishlets Repo on Github in late 2023
3 months later, its been cloned over 20000 times.
Creating phishlets is a mixture of programming, logic & web security
With practice, it becomes much easier over time.
Why would you teach people something like this? Can't Evilginx be used for bad?
This is common question.
For those concerned about the ethics of hacking tutorials as well as tools such as Evilginx or phishlet scripts, it's not the learning of the skill that's unethical, but the choices made in applying it.
It's like using a hammer – it can be used to build something or to break something. The tool isn't "bad" per say, it’s how you use it that matters. Ethical hacking is using that "hammer" to make things safer, not to cause damage.
Ethical hacking, for example, is a legitimate and necessary practice in improving cybersecurity.
This private training course will explain my systematic process for coding Evilginx Phishlets from scratch in YAML
That way you can make phishlets yourself without any outside intervention or troubleshooting. From proxy_hosts to js_inject.
Understanding each parameter with examples & references for contextual understanding
Scripting with .YAML & O365
50% of Simpler Hacking students are outside of the USA, being able to bring a cost-effective solution to this information is important.
Breaking down my Burpsuite process step by step
Breaking down each parameter with example & where to look for it
We'll be analyzing web requests heavily
SOCRadar
Our new Evilginx Phishlets were used during SOCRadar's latest "Evil of Everything" Security Penetration Test & Showcase
Phishlet Creator Template
Use my beginner template to try it out for yourself
Feel free to use our updated Phishlets for Evilginx3 on Github!
Our Phishlets have been used by thousands of users & teams around the world.
Check out at our other courses!
Enroll to master modern MITM Phishing Attacks in 2025.
-
EvilGoPhish Mastery (2025)
Course • 120 lessonsThis is a course for advanced hackers, red teams, and penetration testers looking to gain an edge in today's security environment. Learn advanced phishing & smishing techniques with EvilGoPhish, one of the most powerful reverse-proxy phishing tools.
Purchase$179.99
-
Free Webinar: Modern Enterprise MITM Attacks with Evilginx3
Course • 3 lessonsLearn how attackers use Evilginx and other tools to bypass MFA and gain access to sensitive information. Learn how Modern Business Email Compromise (BEC), and Evilginx Man-in-the-Middle (MITM) attacks are done from an attacker's perspective.
Free
-
Free Webinar: Offensive Quishing: Decoding the Rising Threat of QR Code-Enabled Phishing Attacks in Modern Cybersecurity
Course • 3 lessonsUnderstand and learn academic perspectives on QR code-based 'Quishing' in our insightful webinar. Dive deep into innovative countermeasures and the latest research, enhancing your knowledge in this crucial aspect of cybersecurity.
Free
-
Live Webinar: Spear Phishing Cloud Applications with Evilginx 3.2
Course • 3 lessonsThis free training cover a broad spectrum of topics, from the basics of phishing and MFA bypass to intricate strategies tailored for complex environments. We’ll touch upon various authentication services and protocols, key offering insights.
Free