Ethical Hacking — Week 8
Social Engineering
In today’s session, I learned a bit about SET which stands for Social-Engineer Toolkit.SET is an open source penetration testing framework designed for social engineering. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.
There are several steps needed to install it. The first step is to go to your kali linux and in your terminal, type git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/.The second step is to type cd setoolkit, then the third step is to type pip3 install -r requirements.txt then the last step is to type python setup.py.
One of the things I learned about is CUPP which stands for Common User Passwords Profiler. This is a tool that is used to find valid passwords based on the target’s personal, psychological, and social characteristics.
The method I learned today was credential harvester attack. This is a method used when we do not want to specifically get a shell but perform phishing attacks in order to obtain username and passwords from the system. In this attack vector, a website is cloned and when the victims enters their user credentials, their usernames and passwords will be posted back to our machine.Afterwards, the victim is redirected back to the actual legitimate website.
Tags: Ethical Hacking
This entry was posted on Friday, April 24th, 2020 at 5:50 pm and is filed under Database System -- Semester 3, Ethical Hacking -- Semester 4, Intelligent System -- Semester 4, Network Forensic -- Semester 5, Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.