Evilginx2 vs Social-Engineer Toolkit
GitHub Stats
About Evilginx2
Evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing multi-factor authentication. It acts as a reverse proxy between the victim and the real website, proxying all traffic while capturing credentials and session tokens in real time. This makes it a critical tool for demonstrating the limitations of traditional 2FA and testing organizational resilience to advanced phishing attacks.
About Social-Engineer Toolkit
The Social-Engineer Toolkit (SET) is an open-source penetration testing framework designed for social engineering attacks. Created by David Kennedy, it integrates with Metasploit and provides attack vectors including spear-phishing (email), website cloning for credential harvesting, infectious media (USB), mass mailers, and HID attacks. SET automates the creation of believable attack scenarios and is a standard tool in social engineering assessments.
Platform Support
Tags
Evilginx2 only
Social-Engineer Toolkit only