Welcome back my social engineers/hackarians! Today we'll be looking
into a fantastic piece of software, The Social-Engineer Toolkit or just SET for short. SET is designed, Developed and used by several Social-engineers. So... Let's get started!
When you boot up SET you'll see this screen:
Now we are able to pick one of the options listed above
>1) Social engineering attacks
>2) Fast-track penetration testing
The other options are not important. So what happens when we press 1 We'll get this screen:
Now there are numerous of things here so let's look into that!
Spear-Phishing Attack Vectors
This tool allows you to send e-mails with a malicious file as payload.
Website Attack Vectors
This tool allows you to create a malicious website link.
Infectious Media Generator
This tool creates a payload and a .ini file for a usb,cd or dvd injection.
Create a Payload and Listener
Straightforward just creates a .exe file and opens a listener.
Mass Mailer Attack
This tool will send e-mails to the target.
Arduino-Based Attack Vector
For use with a "teensy usb."
SMS Spoofing Attack Vector
With this tool you'll be able to craft sms messages and send them.
Wireless Access Point Attack Vector
Should be straightforward.
QRCode Generator Attack Vector
Generates a QRCode to a specific URL.
Powershell Attack Vectors
This will allow you to use Powershell exploits (powershell is available on windows vista and above.)
Third Party Modules
Will allow you to browse for more add-ons.
I won't create a whole tutorial about the different options available in SET because it's just to much. Also SET is pretty straightforward. For example, in metasploit you'll need to use set RHOST:xxx.xxx.xxx.xxx. SET just asks: What is the remote host? ==> xxx.xxx.xxx.xxx
So go ahead and try to social engineer someone, and i hope this helps.
Want to help support Null Byte and start making your own money as a white hat hacker? Jump start your White-Hat Hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from Ethical Hacking Professionals.