UT Martin Cyber Ambassadors

User Tools

Site Tools

Trace:
social_engineering_toolkit

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
social_engineering_toolkit [2019/09/23 16:14]
acm created 		social_engineering_toolkit [2019/09/28 18:37] (current)
acm
Line 1: Line 1:
 ==== Social Engineering Toolkit ==== ==== Social Engineering Toolkit ====
 The Social Engineering Toolkit(SET) is an open-source tool written by Trusted-Sec designed to help aid Penetration Testers in quickly conducting a variety of social engineering attacks. SET was written in python and comes installed on Kali by default.  The Social Engineering Toolkit(SET) is an open-source tool written by Trusted-Sec designed to help aid Penetration Testers in quickly conducting a variety of social engineering attacks. SET was written in python and comes installed on Kali by default. 
 +
  
 === Java Applet Attacks === === Java Applet Attacks ===
-One of the more commonly used and successful attacks is what is called a java applet attack. This attack works by tricking the target into visiting what they believe to be a site they trust and then allowing a malicious java applet embedded in the site to run. This attack works so well as many users today have been conditioned to click yes on any notification that pops up on his or her computer, so he or she can get back to what they were doing. +One of the more commonly used and successful attacks is what is called a java applet attack. This attack works by tricking the target into visiting what they believe to be a site they trust and then allowing a malicious java applet embedded in the site to run. This attack works so well as many users today have been conditioned to click yes on any notification that pops up on his or her computer, so he or she can get back to what they were doing. The website spoofing can be accomplished via website cloning, using one of the built-in templates, or importing your own template. 
 + 
 +=== Credential Harvesting === 
 +This type of attack works by cloning the login page of a site and tricking the target into entering their login information into the site. The information is then sent back to you and the target is logged into the actual site. The site cloning works the same as it does with the java applet attack. 
 + 
 +=== Metasploit Browser === 
 +The Metasploit browser attack works much the same way as the last two, tricking the target into visiting what they believe to be a legitimate website, but is actually a website that will attempt to run various exploits from the Metasploit tool against the target's browser. This attack is useful when you suspect that your target may be using an outdated version of their web browser that may be vulnerable to common web exploits. This attack can be detected by anti-virus as it is attempting to run malware against the target. 
 + 
 +=== References === 
 +  *https://www.trustedsec.com/social-engineer-toolkit-set/ 
 +  *https://www.kalitutorials.net/2014/05/social-engineering-toolkit-kali.html 
 +  *https://www.binarytides.com/hack-windows-social-engineering-toolkit-java-applet/
social_engineering_toolkit.1569273281.txt.gz · Last modified: 2019/09/23 16:14 by acm

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki