From Evilginx2 to Session Hijacking: Building a Phishing Lab & Detection Rules

Session hijacking has evolved beyond traditional cookie theft. With Adversary-in-the-Middle (AitM) phishing kits like Evilginx2, attackers can intercept credentials and session tokens in real-time, bypassing even strong MFA solutions. In this hands-on guide, we’ll build a controlled lab environment, execute a full phishing campaign, and develop detection rules to identify these attacks. Understanding the Threat Evilginx2 is a man-in-the-middle proxy framework that sits between the victim and the legitimate website. Unlike traditional phishing, it:...

February 18, 2026 · 6 min · Anass

Session Hijacking 2.0: Emerging Threats and Defenses

Introduction In today’s rapidly evolving cybersecurity landscape, attackers have found new ways to bypass multi-factor authentication (MFA) and compromise user sessions through tactics such as session hijacking and infostealer malware. These techniques pose significant risks to organizations and users, even those who have deployed MFA solutions to secure their systems. ...

October 7, 2024 · 4 min · Anass