Overview

The Social Engineering Toolkit (SET) is a tool that is used by penetration testers that performs advanced attacks against the human element. The SET was created to allow IT professionals to see attacks that had never before been included in exploitation toolsets. The SET has quickly become a standard tool in most penetration testers’ toolbelts, with well over two million downloads. It’s the standard for social engineering penetration testing and the IT community is firmly behind it.

Course Content

SET (BSWR)

Course Description

Who Needs to Use the Social Engineering Toolkit?

The Social Engineering Toolkit (SET) is a tool that is used by penetration testers that performs advanced attacks against the human element. The SET was created to allow IT professionals to see attacks that had never before been included in exploitation toolsets. The attacks that are in the SET were created to be focused and targeted attacks against an organization or a person used in penetration testing, using social engineering tactics. The SET has quickly become a standard tool in most penetration testers’ toolbelts, with well over two million downloads. It’s the standard for social engineering penetration testing and the IT community is firmly behind it. It’s essential that penetration testers and other cybersecurity professionals have and use the SET in their testing.

Why Use the Social Engineering Toolkit?

Because of the human element, social engineering attacks are some of the most difficult to protect against. And that makes those types of attacks one of the most prevalent. Knowing how to conduct social engineering penetration tests is crucial for organizations today. Here are some of the reasons why:

  • It helps information security professionals manage security risks more effectively and precisely.
  • It provides valuable and up to date information about how much employees comply with the organization’s security policies.
  • It prepares employees against Phishing exploits, which are some of the most common types of social engineering attacks.
  • It strengthens a company’s overall protection from cyberattacks.
  • Using the SET to perform social engineering pen tests empowers testers to:
  • Create exploit-laced web pages and emails
  • Improve and automate known cyberattacks
  • Compromise systems by cloning websites and injecting the pages with HTA files

Perform various cyberattacks including:

  • SMS spoofing
  • Powershell
  • Websites
  • Mass mailer
  • Wireless access point
  • QRCode generation
  • Payload and listener
  • Infectious media generation
  • Spear-phishing
  • Arduino-based

For more information about the Social Engineering Toolkit, including how to use it effectively, enroll in our How to Use the Social Engineering Toolkit tutorial. The tutorial is available to anyone who wants to learn to use the SET to improve the protection of an organization’s sensitive information and assets.

Teaching Assistant Vikramajeet Khatri and Tahir Ibrahim

(Disclaimer: Breaking Stuff with Robert is a Cybrary series that will be running indefinitely. You will not earn CEU/CPE hours by watching any individual 'Breaking Stuff with Robert' episode. However, you can still earn a certificate of completion for each episode completed.)