Social engineering has enjoying an increasingly effective and prominent role in effective online attacks.
The term itself is a big one, encompassing targeted surveillance and information gathering techniques that early hacking stars such as Kevin Mitnick mastered (and went on to write about), down to the ubiquitous phishing and spam email message.
“The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.”
This is the official change log:
- Fixed a bug where create payload and listener wouldn’t work for the new SET interactive shell or RATTE
- Updated the SET User Manual for version 1.3.5
- Fixed the core.log(error) core library to properly log potential errors within SET
- Updated the SET interactive listener to hold over nearly unlimited connections versus the 30 it was initially limited to
- Turned the Java Repeater off by default (still a bit buggy, feel free to turn on if you want it)
- Added an automatic selection for the Sun Java Applet2ClassLoader Remote Code Execution to select java Meterpreter since it is specific to the java meterpreter as a payload selection
- Fixed alignment issues in the Metasploit attack vectors
Download The Social Engineering Toolkit v1.3.5 (set.tar.gz) here.
Contributed by SecTechno