Good work no stop #_# Please make more vd for advanced techniques red team and phishing tool and tricks for social eng gooo ❤
@GodSon-t6f Жыл бұрын
wow thanks you have been motivating me on my educational journey God blesss you
@villaroot Жыл бұрын
I'm glad to help! Best of luck on it!
@popboykemzykhil3822 Жыл бұрын
Hi VillaRoot, Please do you have a spamming toturial course to get o365? I am very much interested
@09Owais Жыл бұрын
Hi Villaroot, you’re really doing great! Just wanted to know if any method exists to deal with Google Safe Browsing while running phishing campaigns since it flags the site in less than a minute despite of using blacklisting and hiding phishlets! Quite annoying!
@villaroot Жыл бұрын
Thanks for the support! I honestly appreciate it. Google Safe Browsing is actually good at flagging phishing sites. Besides hoping the user doesn't Chrome, I've found these tips to help. Not a guarantee but it will 'add' to having your site not get flagged (In addition to what you're doing) 1. Age a new domain for at least 30 days. Preferably 90 days. So buy a new domain but don't use it for phishing yet and let it 'be out there' for those days so it can gain some reputation on being not malicious. You can also buy expired domains. Which are domains that have been purchased before but we're not renewed and available to buy. 2. Evilginx sends headers with 'Evilginx'. You have to manually remove them in the GitHub repository. If not, sites can see those headers and immediately mark it malicious. There might be more signatures that aren't well known. 3. Check if your domain is already categorized. Sites like McAfee and Symantec have online checkers. If they aren't categorized, age them and try to put in a categorized request for it. If it is categorized it adds to the legitimacy of the site. Hope this helps
@09Owais Жыл бұрын
To Be Honest! I have already applied these along with traffic analysis and identifying ranges to be blocked on proxy, I am using a proxy setup with blacklist config from apache. Nothing seems to have worked for now. It’s fine as long as the link is not opened, once the link is opened, it’s flagged! I’m afraid, that there doesn’t seem to be a way out 😢
@lucasfredrick2825 Жыл бұрын
How can I run evil ginx2 when my pc goes off..or how do I keep a phishing campaigns active when my pc goes off
@villaroot Жыл бұрын
No, you'll have to have your PC on the whole time your phishing campaign is live. If a target clicks your link while your PC is off, the phishing environment will be offline so they'll get a 'cannot find' error.
@KennethBarrie Жыл бұрын
hi villa can you do updated version of evilginx or how to still use evilginx 2.4 im having problems
@張勃汗 Жыл бұрын
really great content!It’s just a message to that you know you got a subscription from Taiwan
@villaroot Жыл бұрын
That's awesome to know! I appreciate the support from you!
@GodSon-t6f Жыл бұрын
Please boss i have some issues with my pcs & iphone an attaker have gained access to all my devices even when i get to use rdp its still the same please how can you help me or any advice on what to do please
@GodSon-t6f Жыл бұрын
i tried getting all tools to defend still keep coming andcoming pls i woudl appreciate ur help any