From the course: Security Testing Essential Training
Join today to access over 25,500 courses taught by industry experts.
Demo: Social‑Engineer Toolkit (SET)
From the course: Security Testing Essential Training
Demo: Social‑Engineer Toolkit (SET)
- [Instructor] When you're performing a social engineering test and you're trying to get credentials from users, a great way to do that is by standing up a fake version of a known and trusted website and then sending a link to that fake website so that you can get users to submit their credentials through a login form. Instead of sending the credentials to a legitimate service, you want them to come right back to your testing machine, in this case, your Kali Linux instance. So when using the Social-Engineers Toolkit, I'd like to start at the command line and run the ifconfig command. I want to point out, as we mentioned earlier in the Wireshark demo, the eth0 adapter maps to 10.0.2.15. That's important to remember here because that is where our fake website is going to run. In our lab environment, this is an internal IP address, so no one from outside of our lab is ever going to see it. But if you're using this on an actual security assessment, you would want to run this tool on an…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.