How to set up Evilginx to phish Office 365 credentials
Disclaimer Evilginx can be used for nasty stuff. It is the defender’s responsibility to take such attacks into consideration and find ways to protect their users against this type of phishing attacks. Evilginx should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties, or for educational purposes. That being said: on with the show. Today a step-by step tutorial on how to set up Evilginx and how to use it to phish for Office 365…