TOOLS |

SET Social Engineering Toolkit

This tool, and guide to using the tool, is an example of how easy client based exploitation has become. When it comes down to it, attacking the client is fast becoming the easiest method to perform a targeted attack against an organisation or company.

For our readers who are not familiar with Metasploit this maybe a little advanced. However you should still be aware of how relatively easy this sort of attack can be. After all the weakest point in most organisations is the end user.

The guys at offensive-security.com have a put metasploit training online, and a guide to the Social Engineering Toolkit (SET). It is a good step by step tutorial to using the tool and exploiting clients.

Depending on the guidelines of your Pen-Test, attacking the client is often a valuable entry point into the entire network. Frankly, once you get the client there is little stopping you from taking the whole network.

SET Social Engineering Toolkit