SET password harvesting

We examined the basics of the Social Engineering Toolkit (SET) in Chapter 4. We are going to revisit SET and look at some advanced concepts of password harvesting and capturing privileged information.

As a refresher, we will launch SET by going to Exploitation Tools | Social Engineering Tools | se-toolkit.

Make sure SET is updated if this if the first time using it. Steps for updating SET and verifying whether GIT is installed can be found in Chapter 4.

Tip

When SET clones a website, it will run a web server. It is important that whoever is being targeted is able to connect to your web server. This means any Internet-based attack will need to leverage a public IP address (either through NAT or directly on Kali Linux), as well ...

Get Web Penetration Testing with Kali Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.