In this video, Lisa Bock dives into SET, which is built into Kali Linux. She shows how SET can create phishing attacks, generate malicious files, or produce a malicious website.
- Now that we've talked about the social-engineering…toolkit, let's take a look at it in Kali Linux.…I'm gonna type the password, which is toor,…which is the opposite of root, and I'm in Kali Linux.…I'll drop down here this menu choice,…and I want you to see all of the choices…that are built into this tool.…We've already taken a look at most of these,…and it you've taken that course from Malcolm Shore,…An Overview of Kali Linux,…you'll see he's covered most of these.…
I'll scroll down here where we…can see social-engineering tools,…and I want to go to social-engineering toolkit, or set.…The first thing it's going to warn us is that most…likely this is seriously outdated.…I know that, and really I'm just gonna give you an overview.…So I'm fine with that.…So it says press enter if you are aware of that,…and that's fine.…But when we take a look at this,…you can see selecting from the menu some of the choices.…Social-engineering attacks,…fast-track penetration testing, third party modules,…update the social-engineering toolkit,…
In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.
Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Visualizing the victim
- Recognizing an attack
- Using charm, power, and influence
- Manipulating with social media
- Preventing insider attacks
- Stealing identities
- Pen testing with social engineering
- Taking countermeasures