O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Kali Linux Social Engineering

Book Description

Effectively perform efficient and organized social engineering tests and penetration testing using Kali

  • Learn about various attacks and tips and tricks to avoid them
  • Get a grip on efficient ways to perform penetration testing.
  • Use advanced techniques to bypass security controls and remain hidden while performing social engineering testing

In Detail

Kali Linux has a specific toolkit that incorporates numerous social-engineering attacks all into one simplified interface. The main purpose of SET (social engineering toolkit) is to automate and improve on many of the social engineering attacks currently out there.

This book is based on current advanced social engineering attacks using SET that help you learn how security can be breached and thus avoid it. You will attain a very unique ability to perform a security audit based on social engineering attacks.

Starting with ways of performing the social engineering attacks using Kali, this book covers a detailed description on various website attack vectors and client side attacks that can be performed through SET. This book contains some of the most advanced techniques that are currently being utilized by hackers to get inside secured networks. This book covers phishing (credential harvester attack), web jacking attack method, spear phishing attack vector, Metasploit browser exploit method, Mass mailer attack and more.

By the end of this book you will be able to test the security of any organization based on social engineering attacks.

Table of Contents

  1. Kali Linux Social Engineering
    1. Table of Contents
    2. Kali Linux Social Engineering
    3. Credits
    4. About the Author
    5. About the Reviewers
    6. www.PacktPub.com
      1. Support files, eBooks, discount offers, and more
        1. Why subscribe?
        2. Free access for Packt account holders
    7. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Errata
        2. Piracy
        3. Questions
    8. 1. Introduction to Social Engineering Attacks
      1. Understanding social engineering attacks
      2. Phases in a social engineering attack
        1. Research
        2. Hook
        3. Play
        4. Exit
      3. Types of social engineering
        1. Human-based social engineering
        2. Computer-based social engineering
      4. Computer-based social engineering tools – Social-Engineering Toolkit (SET)
        1. Website cloning
      5. Policies and procedure
        1. Training
        2. Incident response system
        3. Classification of information
        4. Password policies
      6. Summary
    9. 2. Understanding Website Attack Vectors
      1. Phishing and e-mail hacking – Credential Harvester attack
        1. Updating your Social-Engineering Toolkit
        2. Web jacking
          1. Spear-phishing attack vector
      2. Java Applet Attack
      3. Defense against these attacks
      4. Summary
    10. 3. Performing Client-side Attacks through SET
      1. Creating a payload and a listener
        1. Vulnerability
        2. Exploit
        3. Payload
        4. Steps to create a payload and listener
      2. Understanding the mass mailer attack
      3. Understanding the SMS spoofing attack vector
        1. The predefined template
      4. Summary
    11. 4. Understanding Social Engineering Attacks
      1. Identity theft
      2. Stealing an identity
      3. Elicitation
        1. Skills required in an attacker
      4. Penetration testing tools
        1. The Browser Exploitation Framework
        2. The Social Engineering Framework
          1. Sefemails
          2. Sefphish
          3. Sefnames
          4. SefPayload
          5. Defense
      5. Summary
    12. Index