We will be using some of the other features of the Social Engineering Toolkit in future tutorials, so keep coming back! Simply type in your address (you might want to create an anonymous email account for this purpose) and password, and SET will send the email you created with the malicious attachment from this Gmail account. In most cases, we will want to use a Gmail account. When we're finished, SET will ask us whether we want to use a Gmail account or send it from our SMTP server. To start using the Social Engineering Toolkit, go to BackTrack, then Exploitation Tools, then Social Engineering Tools, then Social Engineering Toolkit, and click on set.
So, let's fire up our BackTrack and explore the Social Engineering Toolkit! Step 1: Open SET
The current version of the Social Engineering Toolkit includes the following types of attacks. Furthermore, it has been integrated with Metasploit so that we can use Metasploit exploits and payloads in our social engineering attacks. SET was developed by David Kennedy and simplifies a number of social engineering attacks such as phishing, spear-phishing, malicious USBs, etc. Some of the best hackers in history, including Kevin Mitnick, have been great social engineers.īackTrack has a tool to assist and automate social engineering attacks called SET, or the Social Engineering Toolkit. SET has many custom attack vectors that allow you to make a believable attack quickly. That trust may be gained by posing as someone in authority, a colleague, or just someone who needs help. The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. Social engineering is the act of getting people to give you the information you seek, usually by gaining their trust.
#HOW TO USE SOCIAL ENGINEERING TOOLKIT IN KALI LINUX HTTPS PASSWORD#
Why bother spending hours or days trying to hack a password if someone will simply give it to you? In fact, I would say that technical hacks should ONLY be attempted if social engineering attacks fail. Many newbie hackers focus upon the technical aspects of hacking and fail to give enough attention to social engineering.