Remote

Learn how to deploy your local instance of Evilginx to a remote server.

Caution: Currently, automated deployment is supported only for Linux servers. Deploying to Windows Server is doable, but you'll have to do it manually, as there is no automated deployment script to assist you.

Requirements

You need access to a remote server running Debian 10 or a similar OS that meets the following requirements:

  • At least 1GB RAM and at least 1 CPU.
  • Non-root user in the sudoers group with preconfigured authorized_keys SSH keys to allow for passwordless login.

Make sure your firewall is set up with the following rules for inbound connections:

Protocol  Port  Description
TCP       443   Reverse proxy HTTPS traffic
TCP       22    SSH port for remote configuration (can be changed to anything)
UDP       53    DNS nameserver traffic used for hostname resolution

Make sure there is no HTTP server (e.g. Apache, nginx) or DNS server (e.g. resolvd) running on your instance before you continue.

Domain & DNS Setup

Before you can start using Evilginx on engagements, you need to register a domain. This domain will be used as a top-level domain for your phishing URLs, where all subdomains in generated URLs will be fully customizable.

Once you have a valid registered domain, set it up to use custom nameservers that point to the IP of your Evilginx instance.

For example, if your registered domain is not-a-phish.com and the IP of the server where you deployed Evilginx is 1.2.3.4, you'd set up the custom nameservers like this:

Nameserver           IP
ns1.not-a-phish.com  1.2.3.4
ns2.not-a-phish.com  1.2.3.4

It may take some time for the changes to propagate globally. If you're changing this for the first time on a new domain, you may need to wait up to 72 hours.
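
Seen from the defender's side, this delegation leaves a pattern in DNS data: every nameserver of the zone lives inside the zone and shares a single IP with the hostnames it serves. The following is an added example, not Evilginx code, that flags such zones in a set of DNS records. The records are constructed, the function names are hypothetical, and since legitimately self-hosted domains match as well, a hit is a triage signal only.

```python
from collections import defaultdict

# Constructed sample records (name, type, value); not real observations.
RECORDS = [
    ("not-a-phish.com", "NS", "ns1.not-a-phish.com"),
    ("not-a-phish.com", "NS", "ns2.not-a-phish.com"),
    ("ns1.not-a-phish.com", "A", "1.2.3.4"),
    ("ns2.not-a-phish.com", "A", "1.2.3.4"),
    ("login.not-a-phish.com", "A", "1.2.3.4"),
    ("example.org", "NS", "ns1.dns-host.example"),
    ("example.org", "NS", "ns2.dns-host.example"),
    ("ns1.dns-host.example", "A", "198.51.100.10"),
    ("ns2.dns-host.example", "A", "203.0.113.20"),
    ("www.example.org", "A", "192.0.2.80"),
]

def in_zone(host, zone):
    """True if host is the zone apex or a name below it."""
    return host == zone or host.endswith("." + zone)

def self_hosted_single_ip(records):
    """Return {zone: ip} for zones whose nameservers are all in-zone and
    share one IP with every other hostname seen in that zone."""
    ns, a = defaultdict(set), defaultdict(set)
    for name, rtype, value in records:
        name = name.lower().rstrip(".")
        if rtype == "NS":
            ns[name].add(value.lower().rstrip("."))
        elif rtype == "A":
            a[name].add(value)
    flagged = {}
    for zone, servers in ns.items():
        if not all(in_zone(s, zone) for s in servers):
            continue  # delegated to an external DNS provider
        ns_ips = set().union(*(a.get(s, set()) for s in servers))
        if len(ns_ips) != 1:
            continue  # nameservers unresolved or spread over several hosts
        ip = next(iter(ns_ips))
        hosts = [h for h in a if in_zone(h, zone) and h not in servers]
        # Assumption: the proxy and the nameserver are the same machine,
        # so hostnames in the zone resolve to the nameserver IP.
        if hosts and all(a[h] == {ip} for h in hosts):
            flagged[zone] = ip
    return flagged

if __name__ == "__main__":
    print(self_hosted_single_ip(RECORDS))
```
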

Deployment

Automated

Info: The script for automated deployment of Evilginx to remote servers is only available to Evilginx Pro owners.

This guide applies if you have access to Evilginx software in binary form, without access to source code.

For fully automated deployment you can use the ./deploy.sh script:

usage: ./deploy.sh <server_ip> <config_path>

The config_path parameter is optional, but it is useful if you have a config.json file on hand that you want to use to preconfigure your Evilginx instance as soon as it is deployed. Read more about configuration.

The deployment script uses scp to copy files to your remote instance and ssh to run commands remotely on your server. Make sure you have set up a non-root user in the sudoers group, with an SSH public key in authorized_keys that corresponds to the SSH private key you'll be using.

The following environment variables can be used to customize the deployment process:

Environment variable  Description
SSH_KEY_FILE          Path to your SSH private key to use for authorization (def. ~/.ssh/id_rsa)
SSH_USER              Non-root username to use for authorization (def. root)
SSH_PORT              SSH port to use when connecting to the server (def. 22)

For example, if you want to deploy the software to an AWS instance, you'd issue a command like this:

SSH_KEY_FILE=~/keys/ssh.key SSH_USER=admin ./deploy.sh 1.2.3.4

The deployment script will install Evilginx and Evilpuppet on the remote server, with all required dependencies, and will set up both to run in background tmux sessions. Evilginx will start itself automatically in the same tmux sessions after every reboot, through systemd.

Caution: During deployment, the control.sh script will kill all currently running node applications, since it is not yet able to determine the PID of the Evilpuppet process.

To open the Evilginx console, you will need to attach to its tmux session with:

tmux a -t evilginx

To open a session with Evilpuppet do:

tmux a -t evilpuppet

Tip: Whenever you want to leave the session running in the background, press Control+B and then D to detach from the current tmux session.

If you want to scroll up and down in the tmux session, first press Control+B and then [ to turn on scroll mode, then use Page Up and Page Down to scroll. Turn off scrolling by pressing q.

If you ever accidentally quit Evilginx in the tmux session, you can start it again by running:

sudo ~/evilginx-package/evilginx/evilginx

If you accidentally close any of the tmux sessions, you can easily restart them by running the control script:

sudo ~/evilginx-package/control.sh start

To shut down Evilginx you can also use the control script:

sudo ~/evilginx-package/control.sh stop

Manual

Make sure you build the Evilginx binary with:

make

Then create a directory on your remote server to hold the Evilginx files, e.g. ~/evilginx.

  1. Upload file ./build/evilginx to ~/evilginx/evilginx.
  2. Upload directory ./phishlets to ~/evilginx/phishlets.
  3. Upload directory ./redirectors to ~/evilginx/redirectors.

Make the evilginx binary executable with:

chmod 700 ./evilginx

And that's it. Make sure to run the ./evilginx binary in a tmux session so that it keeps running in the background even after you log out from SSH.