Book Image

Kali Linux Social Engineering

By : Rahul Singh Patel
Book Image

Kali Linux Social Engineering

By: Rahul Singh Patel

Overview of this book

<p>Kali Linux has a specific toolkit that incorporates numerous social-engineering attacks all into one simplified interface. The main purpose of SET (social engineering toolkit) is to automate and improve on many of the social engineering attacks currently out there.</p> <p>This book is based on current advanced social engineering attacks using SET that help you learn how security can be breached and thus avoid it. You will attain a very unique ability to perform a security audit based on social engineering attacks.</p> <p>Starting with ways of performing the social engineering attacks using Kali, this book covers a detailed description on various website attack vectors and client side attacks that can be performed through SET. This book contains some of the most advanced techniques that are currently being utilized by hackers to get inside secured networks. This book covers phishing (credential harvester attack), web jacking attack method, spear phishing attack vector, Metasploit browser exploit method, Mass mailer attack and more.</p> <p>By the end of this book you will be able to test the security of any organization based on social engineering attacks.</p>

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Social Engineering
Rahul Singh Patel
Dec, 2013 | 84 pages
No titles found
Table of Contents (11 chapters)
Kali Linux Social Engineering
Kali Linux Social Engineering
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introduction to Social Engineering Attacks
Introduction to Social Engineering Attacks
Understanding social engineering attacks
Phases in a social engineering attack
Types of social engineering
Computer-based social engineering tools – Social-Engineering Toolkit (SET)
Policies and procedure
Summary
2
Understanding Website Attack Vectors
Understanding Website Attack Vectors
Phishing and e-mail hacking – Credential Harvester attack
Java Applet Attack
Defense against these attacks
Summary
3
Performing Client-side Attacks through SET
Performing Client-side Attacks through SET
Creating a payload and a listener
Understanding the mass mailer attack
Understanding the SMS spoofing attack vector
Summary
4
Understanding Social Engineering Attacks
Understanding Social Engineering Attacks
Identity theft
Stealing an identity
Elicitation
Penetration testing tools
Summary
Index
Index

Stealing an identity

In this section we will discuss the practicalities of identity theft. The steps that an attacker follows to perform online identity theft are:

  1. Find the targets e-mail ID, for example, . This we can easily get with the help of Google and some Google hacks, through Google harvesting (the method used to collect e-mail IDs), or through LinkedIn.

  2. Once we have the e-mail ID of the target, we need to know more about them. We can get this information from LinkedIn or Facebook using the e-mail searching options.

  3. Once we get the e-mail ID, their interim details, and picture, we are ready to rock and roll.

  4. After that we need to create a look-a-like e-mail ID for the target and create an online account using the same picture and all the details that we have found and start sending fake requests to their friends using reasons such as "I lost my old account", "someone hacked into my account", and other such similar stories.

The next method that we are going to discuss...

Previous Section
End of Section 3
Next Section