Last Updated :
19 Apr, 2025
Social engineering toolkit is a free and open-source tool that is used for social engineering attacks such as phishing, faking phone numbers, sending SMS, etc. it’s a free tool available in Kali Linux or you can directly download and install it from Github. The Social Engineering Toolkit is designed and developed by a programmer named Dave Kennedy. This tool is used by security researchers, penetration testers all around the globe for checking cybersecurity flaws in systems. Social engineering toolkit targets to perform attacking techniques on their machines. This tool kit also offers website vector attacks or custom vector attacks by which you can clone any website and can perform phishing attacks. There are various features of the social engineering toolkit some of them are given below.
- SET is free and Open Source
- SET is already installed in your Kali Linux however you can also download and install it from Github.
- SET is portable, which means you can easily change attack vectors.
- SET is a Multi-platform tool: It can run on Linux, Unix, and Windows.
- SET Supports integration with third-party modules.
- SET Includes access to the Fast-Track Penetration Testing platform
- SET provides many attack vectors such as Spear-Phishing Attacks, Website Attacks, Infection Media Generator etc.
- Phishing Attacks: Social Engineering Toolkit allows you to perform phishing attacks on your victim. By using SET you can create phishing pages of many websites such as Instagram, Facebook, Google, etc. SET will generate a link of the option that you have chosen, and then you can send that URL to the victim once the victim open that URL and he /she will see a legitimate webpage of a real website which is actually a phishing page .once he/she entered his/her id password then you will get that id password on your terminal screen this is how phishing attack using SET works.
- Web Attack: Web Attack is a module in SET. This module combines different options for attacking the victim remotely by using this module you can create a payload and can deliver payload onto your victim browser using Metasploit browser exploit. web attack has Credential Harvester method using which you can clone any website for a phishing attack and can send the link of that webpage to the victim to harvest the information from user and password fields.
- Create a Payload and Listener: when you will first run the Social Engineering Toolkit. You will see the 4th option which is to create a payload and listener by using that module of SET you’ll be able to create malicious payloads for Windows, including Shell Reverse_TCP, Reverse_TCP Meterpreter, Shell Reverse_TCP X64, and Meterpreter Reverse HTTPS. You can use these payloads in the same way how you use payloads from metasploitable.
- Mass Mailer Attack: mass mailer attack is a module in the social engineering toolkit that is used for bombarding emails on target mail account for that you can use your own Gmail account also or you can own a server for that.
These were some attack vectors that you can perform using Social Engineering Toolkit .when you will run the SET you will feel fun because using SET is very easy now we will see how you can install Social Engineering Toolkit and how you can use it for phishing attack.
Step 1: Open your Kali Linux Terminal and move to Desktop
cd Desktop
Step 2: As of now you are on a desktop so here you have to create a new directory named SEToolkit using the following command.
mkdir SEToolkit
Step 3: Now as you are in the Desktop directory however you have created a SEToolkit directory so move to SEToolkit directory using the following command.
cd SEToolkit
Step 4: Now you are in SEToolkit directory here you have to clone SEToolkit from GitHub so you can use it.
git clone https://github.com/trustedsec/social-engineer-toolkit setoolkit/
Step 5: Social Engineering Toolkit has been downloaded in your directory now you have to move to the internal directory of the social engineering toolkit using the following command.
cd setoolkit
Step 6: Congratulations you have finally downloaded the social engineering toolkit in your directory SEToolkit. Now it’s time to install requirements using the following command.
cd setoolkit
pip3 install -r requirements.txt
Step 7: All the requirements have been downloaded in your setoolkit. Now it’s time to install the requirements that you have downloaded
python setup.py
Step 8: Finally all the processes of installation have been completed now it’s time to run the social engineering toolkit .to run the SEToolkit type following command.
setoolkit
Step 9: At this step, setoolkit will ask you (y) or (n). Type y and your social engineering toolkit will start running.
y
Step 10: Now your setoolkit has been downloaded into your system now it’s time to use it .now you have to choose an option from the following options .here we are choosing option 2
Website Attack Vectors:
option : 2
Step 11: Now we are about to set up a phishing page so here we will choose option 3 that is the credential harvester attack method.
Option : 3
Step 12: Now since we are creating a Phishing page so here we will choose option 1 that is web templates.
option 1
Step 13: At this time the social engineering tool will generate a phishing page at our localhost.
Step 14: Create a google phishing page so choose option 2 for that then a phishing page will be generated on your localhost.
Step 15: Social engineering toolkit is creating a phishing page of google.
As you can see on our localhost means on our IP address setoolkit created a phishing page of google. This is how the social engineering toolkit works. Your phishing page will be created by social engineering toolkit. Once the victim types the id password in the fields the id password will be shown on your terminal where SET is running.
The Social Engineering Toolkit (SET) is a Kali Linux operating system software program. SET is a powerful tool for conducting various social engineering attacks, including phishing, spear-phishing, and other social engineering attacks.
Multiple attack vectors: SET provides a variety of attack vectors, including email, SMS, USB, and more.
Easy customization: SET makes it easy to customize the attack payloads to suit the target environment and objectives.
Automated attack workflows: SET automates the entire attack workflow, from payload creation to delivery, making it easy for non-technical users to carry out social engineering attacks.
Built-in reporting: SET provides detailed reporting on the success and failure of the attack, allowing users to evaluate the effectiveness of their social engineering campaigns.
Let’s see some of the options of SET in action.
Creating a payload using Social Engineering Tool Kit in Kali Linux and exploiting it.
- Under “Social Engineering attacks” select “Create a Payload and Listener.”
- Select “Windows Reverse_TCP Meterpreter”
- Enter LHOST and LPORT.
- A payload exe file will be saved: /root/.set/payload.exe
After the above steps, msfconsole will be launched automatically with all the payloads set.
- Send the payload to the victim using any phishing technique. When the victim executes the payload file, immediately attacker will receive the reverse shell to the victim’s machine.
Using Social Engineering Tool Kit Generates QR Code
- We can see our QRCode generated.
- Scanning this QR will take the user to the evil website.
Now using any email-sending technique from the same toolkit, send the QRCode. I’ll use the Mass Mailer option from the menu for this demo.
Select Mass Mailer and enter the required details, as shown in the image below.
After giving body, it will automatically send the email to the victim.
Performing basic Pen-testing using Social Engineering Tool Kit.
- Target Host – rexxxxd.ac.in
- Our target URL uses WordPress for managing its content.
- MySQL and Redis databases are being used at the backend.
- Operating Systems: Ubuntu.
Furthermore, it uses various JavaScript libraries and Apache Webserver.
- Our target seems to use shared web hosting owned by TataTeleServices.
The above image gives us more detail about our target, like the IP address and the target’s location.
There are two open ports and details of the same, including SSL certificates of the website.
- The target is vulnerable to over 40+ vulnerabilities. Details of the same and CVEs assigned to them are available using them, and the target can be exploited.
Step-by-step process of getting ID and Password
- Select Website Attack Vectors from the SET options.
- Select Credential Harvester Attack Method -> Web Templates -> Press Enter -> Select Google.
- The IP address shown above is hosting the fake Google sign-in page. Now an attacker can change the ip address into a URL using any online tool and can trick into opening it.
- Now, whatever details the victim enters it will get a prompt on the attacker’s terminal.
- After clicking on “Sign In” the victim will get redirected to a new tab automatically but end up giving the credentials. The URL will work until the attacker closes the terminal.
Creating a cloner for the below website
- Under “Social Engineering attacks,” select “Website Attack Vectors.”
- Select Credential Harvester Attack Method -> Site Cloner -> Press Enter -> Enter URL to clone.
- Open the IP in the browser, and it will open as Amazon. An attacker can change the IP into convincible IP.
- Now the attacker can monitor the victim’s activity sitting remotely.
SET automates the entire attack workflow, making it easy for non-technical users to carry out social engineering attacks. However, it is important to use SET ethically and only for authorized penetration testing or other legitimate purposes and to comply with all relevant laws and regulations.
Note: The content provided is for education and information purposes only.
Please consider following and supporting us to stay updated with the latest information.
The Social-Engineer Toolkit (SET) is a powerful penetration testing tool for Kali Linux. This tutorial guides you through downloading, installing, and using SET to simulate various attacks and assess system security. Remember to use SET responsibly and only on systems you have explicit permission to test.
Download and Install SET
First, open a Kali Linux terminal (Ctrl+Alt+T). Then, clone the SET repository using Git:
git clone https://github.com/trustedsec/social-engineer-toolkit.git setNext, navigate to the directory and install SET using Python:
cd set
sudo python setup.py installThis installs the latest version of SET. For further information, consult the official documentation.
Launching SET
Launch SET from your terminal with the command:
setoolkitThis opens the SET main menu, presenting a list of attack vectors and methods. Select the desired attack vector and follow the on-screen prompts to configure the attack parameters. For example, a spear-phishing attack requires specifying the target’s email address, subject, and message body, along with SMTP server details and sender information.
Selecting an Attack Vector
SET offers a variety of attack vectors, each with unique capabilities:
- Spear-Phishing Attack Vectors
- Website Attack Vectors
- Infectious Media Generator
- Create a Payload and Listener
- Mass Mailer Attack
- Teensy USB HID Attack Vector
- SMS Spoofing Attack Vector
- Wireless Access Point Attack Vector
- Third-Party Modules
After launching SET, choose your attack vector from the menu. The subsequent steps will guide you through configuring the specific parameters for your chosen attack.
Selecting an Attack Method
After selecting an attack vector, SET presents available attack methods. These methods define the specific technique used within the chosen vector (e.g., for a spear-phishing vector, you might choose a credential-harvesting method). The menu will guide you through the selection process.
Configuring the Attack
Once the attack vector and method are selected, you’ll configure the attack parameters. This might involve specifying target details (email addresses, URLs, etc.), payload settings, and other relevant options. SET uses a menu-driven interface, prompting you for each necessary parameter. You can use the `set` command within SET to directly set specific parameters if you prefer. For example:
set TARGETEMAIL example@example.comExecuting the Attack
After configuration, execute the attack using the options provided in SET’s interface. Monitoring the progress is typically done through the terminal window. Note: Never launch an attack without explicit permission from the system owner.
Analyzing Results
After the attack, use SET’s built-in features (often a «show results» command) to analyze the outcome. This might include reviewing collected data and logs. Careful analysis helps determine the success of the attack and identify any potential vulnerabilities in the target system.
Useful Links
- Kali Linux VM Images
- SET Official Website
- Kali Linux User Manual
- Metasploit Unleashed
- Penetration Testing Training
Disclaimer: Use the Social-Engineer Toolkit responsibly and ethically. Only perform penetration testing on systems where you have explicit permission. Unauthorized use is illegal and unethical.
Are you looking for a way to use the Social Engineer Toolkit in Kali?
Social engineering attacks have become a significant threat to personal and organizational security. Understanding and defending against these attacks is vital. This guide focuses on the Social Engineering Toolkit (SET) – an essential tool for cyber security professionals, ethical hackers, and security enthusiasts alike.
Join us as we discuss three different ways to use this software. As you read on, you’ll discover the versatility of SET, learn how to leverage its features, and gain valuable insights into the ever-growing world of social engineering attacks.
We will show you how to use the infectious media generator to create a malicious EXE. Next, we will show you how to set up an individual phishing attack, and lastly, we will show you how to use the Social Engineer Toolkit to clone a legitimate website and harvest credentials.
Table Of Contents
- What Is the Social Engineer Toolkit?
- Getting Started with Social Engineer Toolkit
- Infectious Media Generator
- Phishing Attacks
- Website Cloning and Credential Harvesting
- Conclusion
Before diving into the Social Engineering Toolkit, let’s discuss what social engineering is.
Social Engineering
Social engineering is a psychological tactic that tricks people into taking certain actions or revealing sensitive information. It relies on exploiting human emotions, trust, and curiosity rather than using technical methods to gain unauthorized access to confidential data.
In simple terms, social engineering is like a con artist’s game, where the attacker manipulates the target’s feelings and trust to get what they want.
By understanding and manipulating human behavior, these attackers can deceive their victims into disclosing their details, like passwords or financial information, or performing actions that compromise security.
The Social Engineer Toolkit
The Social Engineer Toolkit (SET), written in Python, is a powerful collection of tools designed for social engineering. Penetration testers or Red Team members often use it to test an organization’s security by simulating social engineering attacks on employees.
Developed by TrustedSec and available on GitHub, SET comes pre-installed on Kali Linux, making it a readily accessible resource for cyber security professionals.
Need guidance on installing Kali on VMware or VirtualBox? Check out our easy-to-follow guides to get started with your virtual lab setup!
SET offers many attack vectors, such as spear phishing, malicious payloads, infectious media generation, and website cloning. These attacks leverage the inherent human vulnerabilities of most security systems, making them potent and challenging to defend against.
Getting Started with Social Engineer Toolkit
Having discussed what social engineer toolkit is, let’s move on and discuss the setup and the numerous options it has.
Warning
The information provided in this blog, including using the Social-Engineer Toolkit (SET), is for educational purposes. We urge you to apply the techniques and knowledge shared here only with explicit permission from the relevant parties. Engaging in unauthorized hacking activities is unethical and illegal. We encourage you to practice responsible and ethical hacking.
Startup
The Social Engineer Toolkit already comes pre-installed in Kali. To start SET, simply head to your terminal and type: sudo setoolkit
You will be asked to read the terms and conditions before continuing.
Options
Once SET launches, you’ll be presented with a menu of options. This article will focus on option one: Social-Engineering Attacks, which offers a variety of attack vectors. Here is an overview of the options available in this category:
1) Social-Engineering Attacks: This option focuses on various social engineering attack vectors, including spear phishing, website attacks, infectious media generation, and credential harvesting. It allows users to simulate and test various human-centered attack scenarios.
2) Penetration Testing (Fast-Track): Fast-Track is a collection of testing tools and scripts designed to rapidly deploy and exploit security vulnerabilities. It helps automate various aspects of penetration testing and speeds up the process of discovering and exploiting vulnerabilities
3) Third Party Modules: This option provides integration with external tools and modules developed by the security community. These modules extend SET’s functionality and can offer additional attack vectors, exploits, and payloads for use within the toolkit.
4) Update the Social-Engineer Toolkit: This option allows you to update SET to the latest version, ensuring you have the most recent features, bug fixes, and improvements. Regular updates are essential to maintaining an effective and reliable toolkit.
5) Update SET configuration: This option lets you modify the SET configuration file.
6) Help, Credits, and About: This option provides access to the help documentation, credits to the developers and contributors, and general information about the Social Engineer Toolkit. It is a useful resource for understanding the toolkit’s functionality, getting assistance, and learning about its development history.
Infectious Media Generator
The Infectious Media Generator in SET allows you to create malicious files, such as PDFs and EXEs, that can trigger a reverse Meterpreter shell when opened. This section will guide you through the process of creating a malicious EXE.
SET has many options for malicious payloads, but they may be limited depending on the software and operating system versions the target is using.
Setup
- From the SET main menu, select one «Social-Engineering Attacks.»
- Choose three «Infectious Media Generator.»
There are two options inside the “Infectious Media Generator,” “File-Format Exploits,” and “Standard Metasploit Executable.”
File-Format Exploits: This attack vector exploits vulnerabilities in popular formats like PDFs, Microsoft Office documents, and image files. Attackers craft malicious files containing embedded payloads that, when opened by unsuspecting users, exploit these vulnerabilities to gain unauthorized access to their systems.
The primary advantage of this approach is its stealthiness, as the malicious files often appear legitimate and are less likely to raise suspicion. Moreover, users perceive these file formats as harmless, making them more likely to be opened.
These are dependent on the OS version of the target system.
Standard Metasploit Executable: Using the Metasploit Framework, this attack vector involves creating a standalone executable containing a malicious payload.
When a user runs the executable, the payload is executed, and the attacker gains control over the target system. This approach is more straightforward than File-Format Exploits, as it doesn’t rely on exploiting specific vulnerabilities in file formats.
However, it may also be more conspicuous, as users are generally more cautious when running unfamiliar executables. A successful attack using this vector often relies on strong social engineering techniques to convince the target to run the executable, such as disguising it as a software update, a useful utility, or a desirable file.
Next, you will be asked which format you would like to use. We will be selecting option two.
You will be asked to select the reverse shell you want to use. For this option, choose two, which is the Windows Meterpreter Reverse TCP shell. Enter the IP address and port for your listener.
The Social Engineering Toolkit will now create the malicious exe file, call it payload.exe, and save it to the /root/.set directory.
You can now rename the file to something else if you want. An attacker might change the name to something that will entice a victim to click on it, such as an update for an application.
Start the multi-handler in metasploit using the same IP and port you chose above and type run.
The user must click on the malicious file to initiate the reverse shell.
Once the user clicks the file, you should have a reverse meterpreter shell to the target.
In search of a reverse shell cheat sheet? We’ve got you covered in our detailed post. Check it out now!
Phishing Attacks
Phishing is a widely-used social engineering attack that aims to deceive users into revealing sensitive information, such as login credentials, financial details, or personally identifiable information.
By manipulating users into believing they are interacting with a legitimate source, attackers can trick them into clicking on malicious links, downloading malware-infected files, or divulging confidential information.
You can use Gmail, Hotmail, Yahoo, or an email address from your domain to perform a phishing attack with SET. Gmail is the default option and the one we will be using. To change between Gmail, Hotmail, or Yahoo, you must edit the /etc/setoolkit/set.config file.
Mass Mailer
With the mass mailer option in SET, you can create a phishing email and send it to the target. SET allows for both individual phishing and mass mailing attacks, with the latter targeting multiple victims simultaneously.
In this walkthrough, we will show you the individual attack and how we can include a malicious link to a cloned site we will be creating in our next section. The mass mailer attack is similar; the only difference being you can use a list of emails instead of a single address.
You will need to use an App password to use a Gmail account. App passwords let you sign in to your Google Account from apps on devices that don’t support 2-Step Verification.
Here is a great article on setting up App passwords in your Google account.
Google is removing this option for new accounts and has plans to remove it from all accounts in the future, so be aware that using your Gmail account may not work, and you may need to use an email from a domain you own instead.
You will need an SMTP open relay to use an email attached to your domain. For this scenario, we recommend using SMTP2GO, where you can send up to a thousand emails at no cost.
Phishing Campaign
Let’s walk you through setting up the phishing campaign using a Gmail address to send an email with a malicious link.
We will email the target pretending to be GitHub support and ask the user to click the link. The link will be to a cloned site we will host on our server.
From the main menu, choose option one, “Social Engineering Attacks,” then choose option five, “Mass Mailer Attack,” and finally select “E-mail Attack Single Email Address.”
You will be asked to input the target and sender email. Let’s walk through each prompt.
- Send email to: This is the email of the target.
- Next, you can use a Gmail account or one from your server.
- Your Gmail account: The account you want to send the email from.
- The FROM NAME the user will see: The from name you want to be displayed.
- Flag this message(s) as high priority: Whether you want it to be flagged as high priority.
- Do you want to attach a file: Yes or No
- Do you want to attach an inline file: Yes or No
- E-mail Subject: The subject line for the email.
- Send the message as HTML or plain text: Choose how you want to send the email.
- Enter the body of the message: Enter the actual email text here. Once you have finished writing the email, type END and hit enter.
SET will tell you when it has finished sending the emails.
Once the email has been sent, your target should receive it in their inbox.
If you want to send an email from your server, the setup in SET is similar. You need the SMTP server and port number from your server. For SMTP2GO, that would be mail.smtp2go.com and port 2525. You need a username and password, which can be set up in SMTP2GO.
An attacker may often use «typosquatting» or «URL hijacking» to register domain names similar to legitimate ones. Doing so allows them to use a more convincing email address to send out phishing emails.
Now, let’s look at setting up a cloned Github login page where we will direct our target and harvest their credentials.
Website Cloning and Credential Harvesting
Website cloning and credential harvesting are two essential techniques in the arsenal of social engineers. These techniques involve creating a replica of a legitimate website and tricking users into entering their sensitive information on the fake website, such as usernames and passwords.
This information can then be used for various malicious activities, including unauthorized access to user accounts, identity theft, or even corporate espionage.
Clone Site
Before setting up a cloned site in SET, you need to enable the Apache web server in the SET configuration file located at /etc/setoolkit/set.config. Change the line APACHE_SERVER=OFF to APACHE_SERVER=ON, save the file, and restart SET to apply the changes.
To use the Site Cloner in SET, follow these steps:
- Launch SET by running setoolkit in the terminal.
- Select option one, which is Social-Engineering Attacks.
- Choose option two, Website Attack Vectors.
- Select option three, Credential Harvester Attack Method.
- Choose option two, Site Cloner.
- Enter the IP address of the machine running SET, which will be used as the redirect IP for captured credentials.
- Input the URL of the target website you want to clone (e.g., https://www.github.com/login).
SET will now clone the website and host it on your machine, with a phishing page to capture user credentials.
For this to work effectively, you need to clone a site that has the username and password fields on the same page.
Credential Harvesting
When users visit the cloned website and enter their login information, the credentials will be captured and sent to the attacker’s machine. This information can then be used to gain unauthorized access to the user’s account on a legitimate website.
The user will then be redirected to the actual login page of the service.
If we head back to our terminal in Kali, we should see the credentials come through.
To make the cloned website more convincing, attackers often employ tactics like typosquatting (registering domains with similar names to the target site), such as amzon.com (instead of amazon.com), or using the target site’s name as a subdomain of another legitimate site they control (amazon.myfakesite.com).
These techniques help create a sense of credibility for the fake website, increasing the chances of successfully tricking users into revealing their credentials.
It’s important to note that tools like SET can quickly deploy cloned websites on cloud platforms like AWS, complete with public URLs, making it even easier for attackers to create convincing phishing campaigns.
Always remember to use these tools and techniques for educational purposes and in authorized penetration testing engagements only. Ethical hacking is about understanding and improving security, not exploiting it for malicious purposes.
Conclusion
Throughout this guide, we have explored the powerful capabilities of the Social Engineer Toolkit (SET) in conducting various social engineering attacks. We’ve delved into the Infectious Media Generator, creating malicious payloads that can compromise systems upon execution.
We’ve also discussed phishing attacks and how to send a malicious link in an email. Finally, we examined website cloning and credential harvesting, highlighting the importance of awareness and vigilance regarding online security.
However, it is crucial to remember that SET is capable of much more than what we’ve covered in this guide. Other attack vectors, penetration testing modules, and third-party integrations make SET indispensable for ethical hackers, security researchers, and penetration testers.
As we continue to emphasize, the knowledge and techniques shared in this guide should only be used for educational purposes or authorized security assessments.
The Social Engineer Toolkit is a versatile and powerful suite of tools that can significantly aid security professionals in understanding and mitigating the risks associated with social engineering attacks. By becoming familiar with these techniques and tools, you’ll be better equipped to protect yourself, your organization, and your users from falling victim to the ever-evolving landscape of cyber security threats.
Why not explore some of our fantastic courses that can help you expand your knowledge in social engineering?
-
Richard is a cyber security enthusiast, eJPT, and ICCA who loves discovering new topics and never stops learning. In his home lab, he’s always working on sharpening his offensive cyber security skills. He shares helpful advice through easy-to-understand blog posts that offer practical support for everyone. Additionally, Richard is dedicated to raising awareness for mental health. You can find Richard on LinkedIn, or to see his other projects, visit his Linktree.
Просмотров: 1 247
Здравствуйте, дорогие друзья.
SET был создан и написан Дэвидом Кеннеди (@ReL1K), основателем trustsec, и он поддерживается активной группой сотрудников (www.social-engineer.org). Это фреймворк на основе Python, с открытым исходным кодом, специально разработанный для облегчения атак социальной инженерии.
Инструмент был разработан с целью достижения безопасности путем обучения. Значительное преимущество SET — это его взаимосвязь с платформой Metasploit, которая обеспечивает необходимые полезные нагрузки для эксплуатации, шифрования, для обхода антивирусного программного обеспечения и модуль прослушивания, который подключается к скомпрометированной системе, когда отправляет оболочку злоумышленнику.
Чтобы открыть SET в дистрибутиве Kali, перейдите в Приложения | Инструменты социальной инженерии | social engineering toolkit или введите sudo setoolkit в командной строке. Вам будут представлено главное меню, как показано на рисунке ниже:
Если Вы выберете 1) Social-Engineering Attacks, то Вам будет представлено следующее подменю, как показано на рисунке ниже:
Параметры меню атаки, следующие:
1. Векторы целевой фишинговой атаки: этот модуль позволяет злоумышленнику создавать сообщения электронной почты, и шаблоны, чтобы отправлять их целевым жертвам, с прикрепленными эксплойтами.
2. Векторы атак на веб-сайты: один из комплексных режимов, который позволяет злоумышленникам использовать несколько подмодулей для выполнения различных веб-атак — мы рассмотрим некоторые модули в ближайших разделах.
3. Инфекционный медиа-генератор: создает файл autorun.inf и полезную нагрузку Metasploit. После записи или копирования на USB-устройство или физический носитель (CD или DVD) и вставки в целевой системе, он вызовет автозапуск (если автозапуск включен) и скомпрометирует систему.
4. Создайте полезную нагрузку и прослушиватель: этот модуль представляет собой быстрый метод создания полезной нагрузки метасплойта. Злоумышленник должен использовать отдельную атаку социальной инженерии, чтобы убедить цель для его запуска.
5. Атака массовых рассылок: чтобы иметь возможность отправлять массовые электронные письма с помощью Sendmail и подделывать адрес отправителя, и личности.
6. Вектор атаки на базе Arduino: программирует устройства на базе Arduino, такие как Teensy (https://www.pjrc.com/teensy/). Поскольку эти устройства регистрируются как USB-клавиатура, когда подключенные к физической системе Windows, они могут обойти систему безопасности, отключив автозапуск или другую защиту конечной точки.
7. Вектор атаки точки беспроводного доступа: это создаст фальшивую точку беспроводного доступа и DHCP-сервера в системе злоумышленника и перенаправление всех DNS-запросов злоумышленнику. Злоумышленник затем может запускать различные атаки, такие как апплет Java или атаку сборщика учетных данных.
8. Вектор атаки генератора QRCode: создает QR-код с определенным URL-адресом, связанным с атакой.
9. Векторы атак PowerShell. Это позволяет злоумышленнику создавать атаки, основанные на PowerShell, оболочку командной строки и язык сценариев, доступную в версиях Windows, начиная с Vista.
10. Сторонние модули: это позволяет злоумышленнику использовать инструмент удаленного администрирования. Tommy Edition (RATTE) и атаку Google Analytics со стороны Zonksec. RATTE является частью Java атака апплета; это инструмент удаленного доступа с текстовым меню, который может работать как изолированная полезная нагрузка.
SET также предоставляет пункт меню для быстрого тестирования на проникновение, который дает быстрый доступ к некоторым специализированным инструментам, поддерживающим идентификацию брутфорса и взлом пароля SQL в базе данных, а также некоторые индивидуальные эксплойты, основанные на Python, векторах атак SCCM, эксплуатацию DRAC/chassis компьютера Dell, перечисление пользователей и внедрение PsExec PowerShell. Меню также предоставляет опции для обновления SET и обновления конфигурации. Однако, этих дополнительных опций следует избегать, так как они не полностью поддерживаются Kali и могут вызывать конфликты с зависимостями.
На этом все. Всем хорошего дня!
#1 Kali Linux для продвинутого тестирования на проникновение. Целевое тестирование.
#2 Kali Linux для продвинутого тестирования на проникновение. Методология тестирования.
#3 Kali Linux для продвинутого тестирования на проникновение. Введение в возможности Kali Linux.
#4 Kali Linux для продвинутого тестирования на проникновение. Установка на Raspberry Pi 4, VMware Workstation Player, VirtualBox, Docker.
#5 Kali Linux для продвинутого тестирования на проникновение. Kali в облаке Amazon Web Services (AWS).
#6 Kali Linux для продвинутого тестирования на проникновение. Kali на облачной платформе Google (GCP).
#7 Kali Linux для продвинутого тестирования на проникновение. Kali на Android (телефоны без рута).
#8 Kali Linux для продвинутого тестирования на проникновение. Настройка и кастомизация Kali Linux.
#9 Kali Linux для продвинутого тестирования на проникновение. Создание тестовой лаборатории. Active Directory и контроллер домена.
#10 Kali Linux для продвинутого тестирования на проникновение. Создание тестовой лаборатории. Установка Microsoft Exchange Server 2016.
#11 Kali Linux для продвинутого тестирования на проникновение. Создание тестовой лаборатории. Metasploitable3.
#12 Kali Linux для продвинутого тестирования на проникновение. Создание тестовой лаборатории. Mutillidae.
#13 Kali Linux для продвинутого тестирования на проникновение. Создание тестовой лаборатории. CloudGoat.
#14 Kali Linux для продвинутого тестирования на проникновение. OSINT и Пассивная разведка.
#15 Kali Linux для продвинутого тестирования на проникновение. Наступательный OSINT. Maltego.
#16 Kali Linux для продвинутого тестирования на проникновение. Наступательный OSINT. OSRFramework. theHarvester.
#17 Kali Linux для продвинутого тестирования на проникновение. Наступательный OSINT. TinEye. Shodan. SpiderFoot.
#18 Kali Linux для продвинутого тестирования на проникновение. Наступательный OSINT. Гугл Дорки.
#19 Kali Linux для продвинутого тестирования на проникновение. Защитный OSINT. Даркнет. Аналитика угроз.
#20 Kali Linux для продвинутого тестирования на проникновение. Защитный OSINT. CUPP. CeWL. Twofi.
#21 Kali Linux для продвинутого тестирования на проникновение. Активная разведка внешней и внутренней сети.
#22 Kali Linux для продвинутого тестирования на проникновение. Использование прокси с анонимными сетями. Tor. ProxyChains.
#23 Kali Linux для продвинутого тестирования на проникновение. Разведка DNS и сопоставление маршрутов. Recon-ng framework.
#24 Kali Linux для продвинутого тестирования на проникновение. IPv4. IPv6. Инструменты IPv6.
#25 Kali Linux для продвинутого тестирования на проникновение. Идентификация внешней сетевой инфраструктуры.
#26 Kali Linux для продвинутого тестирования на проникновение. Сканирование портов. Nmap. Masscan.
#27 Kali Linux для продвинутого тестирования на проникновение. Информация DHCP. ARP-broadcasting.
#28 Kali Linux для продвинутого тестирования на проникновение. Использование SNMP. Разведка серверов домена Active Directory.
#29 Kali Linux для продвинутого тестирования на проникновение. Перечисление среды Microsoft Azure. Legion. Машинное обучение для разведки.
#30 Kali Linux для продвинутого тестирования на проникновение. Оценка уязвимости. Эксплойты.
#31 Kali Linux для продвинутого тестирования на проникновение. Сканирование уязвимостей с помощью Nmap. Кастомизация сценариев NSE.
#32 Kali Linux для продвинутого тестирования на проникновение. Сканеры уязвимостей веб-приложений. Nikto.
#33 Kali Linux для продвинутого тестирования на проникновение. OWASP ZAP.
#34 Kali Linux для продвинутого тестирования на проникновение. Сканеры уязвимостей для мобильных приложений.
#35 Kali Linux для продвинутого тестирования на проникновение. Сканер сетевых уязвимостей OpenVAS.
#36 Kali Linux для продвинутого тестирования на проникновение. Коммерческие сканеры уязвимостей. Nessus. Qualys.
#37 Kali Linux для продвинутого тестирования на проникновение. Специализированные сканеры.
#38 Kali Linux для продвинутого тестирования на проникновение. Продвинутая социальная инженерия и физическая безопасность.
#39 Kali Linux для продвинутого тестирования на проникновение. Социальная инженерия в компьютерных и мобильных атаках.
#40 Kali Linux для продвинутого тестирования на проникновение. Физические атаки на консоли. Samdump2 и chntpw.
#41 Kali Linux для продвинутого тестирования на проникновение. Создание мошеннического физического устройства. Raspberry Pi. MalDuino: BadUSB.