The Social-Engineer Toolkit v2.0 Released
The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
This is the official change log:The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
- Removed un-needed assignment in core around create random string
- Added the Binary2Teensy option in the Teensy menu, this will allow you to create a payload and inject alphanumeric shellcode through shellcodeexec in a new technique released at BSIDESLV
- Changed the path of metasploit to be /opt/msf3/framework3 versus /pentest/exploits/framework3
- Added the ability for multiple payloads in binary2teensy attack
- Added the ability to leverage the SDCard mounted Teensy device with payload generation without mounting the SDCard to the victim machine
- Fixed a bug where webattack_email turned on would not trigger based on a wrong path
- Updated the phishing attacks in the infectious media site and phishing site in the web GUI interface
- Updated the Wireless Access Point Attack to choose the monitor interface that is most recently created
- Changed the menu output, this is the first of many changes on how the menu interacts
- Added an X10 Sniffer into the Arduino based attack vectors
- Added an X10 Jammer into the Arduino based attack vectors
- Changed the menu option to reflect Arduino based attack vector versus Teensy
- Added a starttls check for authentication around sendmail
- Fixed a bug in mass mailer that would cause gmail to be set versus smtp relay
- Added the SD2Teensy OSX attack vector which targets OSX machines by dumping from the converts.txt storage drive on the teensy
- Added additional exploits into client-side attacks for the browser exploits
- Added additional exploits into the spear-phishing attacks
Download Social Engineering Toolkit v2.0