Book Image

Kali Linux Social Engineering

By : Rahul Singh Patel
Book Image

Kali Linux Social Engineering

By: Rahul Singh Patel

Overview of this book

<p>Kali Linux has a specific toolkit that incorporates numerous social-engineering attacks all into one simplified interface. The main purpose of SET (social engineering toolkit) is to automate and improve on many of the social engineering attacks currently out there.</p> <p>This book is based on current advanced social engineering attacks using SET that help you learn how security can be breached and thus avoid it. You will attain a very unique ability to perform a security audit based on social engineering attacks.</p> <p>Starting with ways of performing the social engineering attacks using Kali, this book covers a detailed description on various website attack vectors and client side attacks that can be performed through SET. This book contains some of the most advanced techniques that are currently being utilized by hackers to get inside secured networks. This book covers phishing (credential harvester attack), web jacking attack method, spear phishing attack vector, Metasploit browser exploit method, Mass mailer attack and more.</p> <p>By the end of this book you will be able to test the security of any organization based on social engineering attacks.</p>

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Social Engineering
Rahul Singh Patel
Dec, 2013 | 84 pages
No titles found
Table of Contents (11 chapters)
Kali Linux Social Engineering
Kali Linux Social Engineering
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introduction to Social Engineering Attacks
Introduction to Social Engineering Attacks
Understanding social engineering attacks
Phases in a social engineering attack
Types of social engineering
Computer-based social engineering tools – Social-Engineering Toolkit (SET)
Policies and procedure
Summary
2
Understanding Website Attack Vectors
Understanding Website Attack Vectors
Phishing and e-mail hacking – Credential Harvester attack
Java Applet Attack
Defense against these attacks
Summary
3
Performing Client-side Attacks through SET
Performing Client-side Attacks through SET
Creating a payload and a listener
Understanding the mass mailer attack
Understanding the SMS spoofing attack vector
Summary
4
Understanding Social Engineering Attacks
Understanding Social Engineering Attacks
Identity theft
Stealing an identity
Elicitation
Penetration testing tools
Summary
Index
Index

Understanding the SMS spoofing attack vector

The SMS spoofing attack allows the attacker to send a text SMS using SET without revealing his/her true identity or by using someone else's identity.

Let's go through the steps required to perform this attack:

  1. Start the SET toolkit. You will see the following welcome screen:

  2. SMS Spoofing Attack Vector is present under Social-Engineering Attacks, as shown in the preceding screenshot. This module in SET was created by the team at TB-security.com.

  3. The SMS spoofing attack vector allows you to craft your own SMSes and send them to the target using some third-party number without ever interacting with the user.

  4. From the Social-Engineering Attacks menu, select the SMS Spoofing Attack Vector option. Once selected, we will be presented with the following screen, where we need to decide on the decision regarding the body of the SMS:

  5. Let us first see how we can create a custom template:

    Set:sms> 2
[ **********] Custom 	Template Generator [*********]
Set:sms...
Previous Section
End of Section 4
Next Section