nerdexam
EC-Council

312-50V13 · Question #475

Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark, an attacker, noticed her activities several times and sent a fake email containing a deceptive p

The correct answer is C. Evilginx. Evilginx (Option C) is correct because it is a man-in-the-middle attack framework specifically designed to create spoofed login pages and capture credentials - including session tokens - by acting as a reverse proxy. In this scenario, Clark used Evilginx to craft a convincing, fa

Submitted by carlos_mx· Mar 6, 2026Social Engineering

Question

Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark, an attacker, noticed her activities several times and sent a fake email containing a deceptive page link to her social media page displaying all-new and trendy outfits. In excitement, Sophia clicked on the malicious link and logged in to that page using her valid credentials. Which of the following tools is employed by Clark to create the spoofed email?

Options

  • APyLoris
  • BSlowloris
  • CEvilginx
  • DPLCinject

How the community answered

(51 responses)
  • A
    6% (3)
  • B
    10% (5)
  • C
    82% (42)
  • D
    2% (1)

Explanation

Evilginx (Option C) is correct because it is a man-in-the-middle attack framework specifically designed to create spoofed login pages and capture credentials - including session tokens - by acting as a reverse proxy. In this scenario, Clark used Evilginx to craft a convincing, fake social media page that harvested Sophia's login credentials when she authenticated, a classic phishing/credential harvesting attack.

Why the distractors are wrong:

  • PyLoris (A) is a denial-of-service (DoS) testing tool that targets network connections by slowly exhausting server resources - unrelated to phishing or credential theft.
  • Slowloris (B) is also a DoS tool that keeps HTTP connections open to overwhelm a web server, making it unavailable - not used for creating fake pages or stealing credentials.
  • PLCinject (D) is an industrial control system (ICS) attack tool targeting Programmable Logic Controllers (PLCs), relevant to operational technology (OT) attacks, not social engineering or phishing.

Memory Tip: Think of "Evil"ginx - the word evil hints at its malicious, deceptive nature. Just as Clark acted with evil intent to deceive Sophia into surrendering her credentials, Evilginx is the "evil" tool built for exactly that purpose - phishing + credential capture.

Topics

#Phishing#Credential Harvesting#Evilginx#Spoofing

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice