Sunday
Sep092012
TekTip ep7 - Credential Harvesting with The Social Engineering Toolkit
Sunday, September 9, 2012 at 4:14PM The Social-Engineer Toolkit (SET)
SET is created by: https://www.trustedsec.com
SET includes many modules: Spear-Phishing Attack Vectors, Website Attack Vectors, Infectious Media Generator, Create a Payload and Listener, Mass Mailer Attack, Arduino-Based Attack Vector, SMS Spoofing Attack Vector, Wireless Access Point Attack Vector, QRCode Generator Attack Vector, Powershell Attack Vectors, Third Party Modules.
In this video we focus on "Website Attack Vectors" and particularly "Credential Harvester". For this demo we clone the securitytube.net login page and watch as users (in our lab) attempt to connect and login, giving us their passwords.
Keep in mind that this by itself is not a very strong tool. You must combine with information gathering techniques and trickery to get the most out of this tool in a pentest.
1aN0rmus@tekdefense.com
tagged 1aN0rmus, Credential Harvesting, SET, Social Engineering, backtrack, clone, password, tekdefense, tektip, toolkit, username, website in TekTip
1aN0rmus, Credential Harvesting, SET, Social Engineering, backtrack, clone, password, tekdefense, tektip, toolkit, username, website in TekTip