1. Perform Social Engineering using tools

In a social engineering test, you should try to trick the user into disclosing personal information such as credit card numbers, bank account details etx

1. Sniff credentials using SET (Social engineering toolkit)

launch SET

sudo su
setoolkit

Select social engineering toolkit > website attack vectors > credential harvestor > site cloner

As soon as the victim types in his/her Username and Password and clicks Login, SET extracts the typed credentials. These can now be used by the attacker to gain unauthorized access to the victim’s account.

Last updated

Was this helpful?