Social Engineering with the Social-Engineer Toolkit

The Social-Engineer Toolkit (SET) is an open-source penetration testing framework designed for social engineering. You'll explore SET, which has a number of custom attack vectors that allow you to execute advanced social engineering tactics.
Course info
Rating
(11)
Level
Intermediate
Updated
Oct 11, 2017
Duration
2h 33m
Table of contents
Description
Course info
Rating
(11)
Level
Intermediate
Updated
Oct 11, 2017
Duration
2h 33m
Description

The Social-Engineer Toolkit (SET) is an open-source Python-driven tool aimed at penetration testing around social engineering. Vulnerability scanners will find the security issues in computer systems, but cannot find them in a human being. If you want a good tool then SET is there to help you assess your company security cavity. In this course, Social Engineering with the Social-Engineer Toolkit, you'll learn the social engineering attacks that SET supports. First, you'll discover how the spear phishing attack works in SET in combination with an e-mail attack. Next, you'll explore how to use the website attack vector, along with creating a payload and a listener. Then, you'll delve into the mighty PowerShell attacks and how to take advantage of this command line tool to bypass the security on the Windows operating system. After that, you'll explore the world of electronics to learn how to use the hardware-based module in SET. Finally, you'll learn about multiple ways to deal with the Social-Engineer Toolkit, such as the Wireless Access point attack, the QRCode generator, SMS spoofing, and the infectious media generator. By the end of this course, you'll have the fundamental knowledge to utilize the Social-Engineer Toolkit efficiently.

About the author
About the author

Gus is an IT expert specialized in programming and security. He's a passionate blogger, geek, and loves what he's doing.

More from the author
More courses by Gus Khawaja
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Gus Khawaja, and welcome to this unique course of Social Engineering with the Social Engineer Toolkit. This application is widely used by hackers and security professionals because of its success to execute social engineering attacks. I know you want to learn and curious about this tool. That's why you're watching this video, right? In each lesson we are going to see together how to understand each type of attack separately in the Social Engineer Toolkit, aka SET. Some of the major topics that we will cover include web-based attacks, reverse shells and meterpreter, PowerShell attacks, post exploitation with empire PowerShell, also USB rubber ducky with that, and much, much more. When finishing all the modules you should grasp the basics of this tool, and you will have an idea of how this looks like in practice. Before beginning this amazing journey you should be familiar with Essentials of Ethical Hacking, but don't worry, I will walk you through all the details. Join me on this course to learn some exciting stuff with the Social Engineer Toolkit.

The Social-Engineer Toolkit
Congratulations. This is your first step in this course, and I want to salute you because you are watching this course for a noble reason, which is improving your professional skills. Let's see together what is the Social-Engineering Toolkit? This application is designed to perform advanced attacks against the human weakness, known as social engineering. This tool is written by a passionate security leader, and his name is David Kennedy with help of the community. Also, it's good to know that Kali Linux already has this tool installed by default, and since Kali is my favorite operating system for penetration testing I will be using it throughout this course. I'm very excited to start showing you some cool techniques to enjoy this amazing toolkit. Are you ready for some fun? Let's start this course.

Creating a Payload and a Listener
In this module we will enjoy together creating payloads and listeners. Let me show you a quick overview of what you are going to learn. First, I'm going to introduce the concept of payloads and listeners. Next, you will see how to generate a Windows Shell payload, and listen remotely to take control of the victim machine. After that you're going to learn how to use the famous Metasploit, Meterpreter payload, to manipulate your victim PC, and finally, I will widen your learning skills to understand how to elevate your privileges and go beyond just getting a remote shell to get the full access to the remote victim host. Let's get started.

PowerShell with SET
Another module about PowerShell. To be honest with you, I'm in love with PowerShell. It's really what its name says. Power in the shell. It's a gift that Microsoft gave us as security professionals to do what we wish on the Windows operating system. Let's see what you are going to learn in this module. First, you will see how to create a Reverse Shell using PowerShell. Did you hear the rhythm? It's like a song. Reverse Shell and PowerShell. Excuse me. I can't help it when I hear the names of these two together, and you're going to understand what I mean in this module. After this I will show you a few tricks about PowerShell for social engineering tactics. Next, I will introduce the famous USB Rubber Ducky, and I will make sure that you understand the basics of this tricky piece of hardware. Finally, you will learn how to assemble all that you have learned in this module and use the USB Rubber Ducky to execute a Reverse Shell using PowerShell. Let's get started.

Hardware-based Attacks
In the previous module you saw how to use the USB Rubber Ducky for social engineering. In this one I will introduce the brother of USB Rubber Ducky, and it's called Teensy. Don't worry, I will show you in detail how it works with the Social-Engineer Toolkit, but I can tell you that if you watch the previous module carefully, then this one should be an easy lesson to understand. Let's start.

More Attacks with SET
This is the last module of this course, and I hope that you learned something new and enjoyed the materials as well. In this module I will show you a few techniques in the Social-Engineer Toolkit that you can use and probably practice them in your career. Let's start.