Website attack
Using websites to launch a social engineering attack allows the attack to target a large number of users. The website attack module in the social engineering toolkit includes various methods to build a social engineering attack using a website.
The following methods are included in the social engineering toolkit:
Java applet attack
Credential Harvester attack
Web jacking attack
Metasploit browser exploit
Tabnabbing attack
Java applet attack
The Java applet attack method creates a Java applet infected with a malicious payload. The payload is a shell or meterpreter code that provides shell access to the victim's machine. To build a complete attack, the tool will prompt if you want to clone a website that you know the victim would trust and spend time browsing on. The applet is then loaded on to the cloned website.
Note
Website cloning is a process in which the content and the formatting of the original website are copied to create a similar looking web page.
The important step is to entice...
