[+] Wayc0de's Blog[+]

05/08/11

The Social-Engineer Toolkit v2.0 Released



The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
This is the official change log:

  • Removed un-needed assignment in core around create random string
  • Added the Binary2Teensy option in the Teensy menu, this will allow you to create a payload and inject alphanumeric shellcode through shellcodeexec in a new technique released at BSIDESLV
  • Changed the path of metasploit to be /opt/msf3/framework3 versus /pentest/exploits/framework3
  • Added the ability for multiple payloads in binary2teensy attack
  • Added the ability to leverage the SDCard mounted Teensy device with payload generation without mounting the SDCard to the victim machine
  • Fixed a bug where webattack_email turned on would not trigger based on a wrong path
  • Updated the phishing attacks in the infectious media site and phishing site in the web GUI interface
  • Updated the Wireless Access Point Attack to choose the monitor interface that is most recently created
  • Changed the menu output, this is the first of many changes on how the menu interacts
  • Added an X10 Sniffer into the Arduino based attack vectors
  • Added an X10 Jammer into the Arduino based attack vectors
  • Changed the menu option to reflect Arduino based attack vector versus Teensy
  • Added a starttls check for authentication around sendmail
  • Fixed a bug in mass mailer that would cause gmail to be set versus smtp relay
  • Added the SD2Teensy OSX attack vector which targets OSX machines by dumping from the converts.txt storage drive on the teensy
  • Added additional exploits into client-side attacks for the browser exploits
  • Added additional exploits into the spear-phishing attacks

Download Social Engineering Toolkit v2.0
nb : the hacker news

Tidak ada komentar:

Posting Komentar