Automating Social-Engineering Toolkit
The Social Engineering Toolkit (SET) is a Python-based set of tools that targets the human side of penetration testing. We can use SET to perform phishing attacks, web-jacking attacks that involve victim redirection stating that the original website has moved to a different place, file format-based exploits that targets particular software for exploitation of the victim's system, and many others. The best thing about using SET is the menu-driven approach, which will set up quick exploitation vectors in no time.
Note
Tutorials on SET can be found at http://www.social-engineer.org/framework/se-tools/computer-based/social-engineer-toolkit-set/.
SET is extremely fast at generating client-side exploitation templates. However, we can make it faster by using the automation scripts. Let's see an example:
In the preceding screenshot, we fed se
-scrip
t to the seautomate
tool, which resulted in a payload generation and the automated setup of an exploit handler. Let...