3.1 Social Engineer's Toolkit (SET)

00:02

welcome to Module three, and Cyber is crafting the perfect email course. Now that we've done our recount and composed our phishing e mail,

00:09

let's go ahead and you set or the Social Engineers Tool kit to finish the attack.

00:15

In this video, we're going to go over the Social Engineers tool kit and learn to navigate through the menus.

00:23

So, first off, what is set or again? Social engineering tool kit.

00:28

So the social engineers toolkit is everything you need to perform a variety of social engineering attacks. You can perform everything from spearfishing, copying websites, mass mailers and even power shell attacks. There's a couple ways to launch it. You can launch it from the gooey or the graphical user interface

00:47

by clicking application,

00:49

social engineering tools, social engineers, tool kit or from the command line with the command s E T 00 l k i t.

00:59

So, the first time you launch

01:02

set, you'll see a disclaimer and I'll go ahead, read it here. I've got a screenshot below, but the social engineer of tool kit is designed purely for good and not evil. If you plan on using this tool for malicious purposes that are not authorized by the company you're performing the assessments for you are violating the terms of service and license of the tool set by hitting. Yes,

01:21

you agree the terms of service and the only use a stool for lawful purposes only.

01:25

So you type. Yes. Um, it will go away. You'll never see it again.

01:30

If you'd like to learn more about the Social Engineers tool kit, you can visit the developers and trusted sec dot com slash social engineer Tool kit Dash set.

01:40

And for now, we're gonna go ahead and hop right in.

01:45

So it's really easy to navigate this. Just a quick screen shot. Before we hop in. You can see the menu, and then you just press any of the corresponding numbers to what you're trying to do and that will go through the menu.

01:56

So let's pop into our lab.

02:00

All right, We've got our Callie machine. We will log in with roots and tour,

02:17

right.

02:20

And so again, there were two ways to launch it. You can go to your applications

02:25

social engineering tools right down here and sat tubes.

02:30

You'll see. Right? There s e t in click that that will launch it, or I like to do most things from the terminal just a little bit easier. So we'll launch our terminal,

02:40

make this a little bit bigger here.

02:44

And the command was S e T O l k I t

02:57

let it alone.

03:07

Let's try that one more time.

03:31

There we go. We've got a cursor.

03:35

All right. S e T o l k I t

03:38

hit. Enter.

03:42

You've got your social engineers Tool kit here does tell you the current version that you're on the version available. And if you are having any issues, they always ask that you update it before you submit those issues to their get.

03:55

So as you can see here, we've got our menu. We've got social engineering attacks, penetration, testing, which is their new module. Third party modules. You can update it from here If you're not using Callie, all the updates through Callie are done through the regular app. Get update

04:14

and I get upgraded,

04:15

but we're gonna go into the social engineering attack. So you type one

04:20

and press enter.

04:21

And here you can see the menu we saw in the slide. So these are the different types of attacks. You can perform. So we've got spear phishing attacks, website attacks. That's where you can clone your websites. Infectious media generators. You can also create payloads and listeners. The mass mailer, Arduino based attacks,

04:41

wireless attacks, Q R code generator

04:44

and power shell on an SMS spoofing, which is your text message spoofing and third party modules.

04:51

Any time you are in any of the menus you can type in 99 that will return you back to the main menu.

04:59

So we'll go back to social engineering and let's say, wanna clone website So you take two

05:03

and this will give you the different types of website attacks they've got available. Um,

05:09

say actually clicked the wrong one. What we're gonna do 99

05:13

back to that main menu, So it is very easy to navigate.

05:17

What I would recommend is kind of just going through all the men you've seen, what types of things are available, and you can also check the third party modules as well.

05:33

All right, we're gonna end. This video was just a quick quist.

05:39

So one what is one way to launch the Social Engineers tool kit?

05:44

And we went over two ways to do this

05:46

so you can launch it from the gooey by going application. Social engineering tools and the social engineers tool kit is just the S e T i con,

05:56

or you can launch it from the command line

06:00

with the command s e T 00 l k i t.

06:05

So, what is the normal menu option to go back to the main menu?

06:12

Yep. And that is just 99. So for many men you that you're in, you just type 99. That'll take you back to the main menu. If it locks up or you just want to start all over, you can also type in exit or control. See? And then we'll get you back to just the regular terminal window and you can start new.