You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Feature: URL redirects on successful token capture now work dynamically on every phishing page. Pages do not need to reload or redirect first for the redirects to happen.
Feature: Lures can now be paused for a fixed time duration with lures pause <id>. Useful when you want to briefly redirect your lure URL when you know sandboxes will try to scan them.
Feature: Added phishlet ability to intercept HTTP requests and return custom responses via a new intercept section.
Feature: Added a new optional redirect_url value for phishlet config, which can hold a default redirect URL, to redirect to, once tokens are successfully captured. redirect_url set for the specific lure will override this value.
Feature: You can now override globally set unauthorized redirect URL per phishlet with phishlet unauth_url <phishlet> <url>.
Fixed: Disabled caching for HTML and Javascript content to make on-the-fly proxied content replacements and injections more reliable.
Fixed: Improved JS injection by adding <script src"..."> references into HTML pages, instead of dumping the whole script there.
Fixed: Blocked requests will now redirect using javascript, instead of HTTP location header.
Fixed: Changed redirect_url to unauth_url in global config to avoid confusion.
Fixed: Fixed HTTP status code response for Javascript redirects.
Fixed: Javascript redirects now happen on text/html pages with valid HTML content.
Fixed: Removed ua_filter column from the lures list view. It is still viewable in lure detailed view.
