Social Engineer Toolkit (SET) v.6.5 -Mr Robot- Released

Social Engineer Toolkit (SET) v.6.5 -Mr Robot- Released

When it comes to social engineering, SET (Social Engineer Toolkit) is the favorite choice for many hackers out there. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration tests and supported heavily within the security community.

SET incorporates many useful social-engineering attacks all in one interface. The main purpose of SET is to automate and improve on many of the social-engineering attacks out there. It can automatically generate exploit-hiding web pages or email messages, and can use Metasploit payloads to, for example, connect back with a shell once the page is opened.

The next major revision of The Social Engineer Toolkit (SET) v6.5 codename “Mr Robot” has just been released. The codename is in celebration of the TV show Mr Robot featuring SET in S01 E04! Kudos to them for having some amazing tech writers and appreciate the shoutout on the show. The new version incorporates a new HTA web attack vector (thanks Justin Elze aka ginger) for sharing the attack vector with me. This attack allows you to clone a website and inject an HTA file which compromises the system.

Changelog v6.5

* added brand new attack vector HTA attack and incorporated powershell injection into it
* fixed a prompt that would cause double IP questions in certain attack vectors
* slimmed down powershell injection http/https attack vectors in order to use in payload delivery
* added exploit to browser attack Adobe Flash Player ByteArray Use After Free (2015-07-06)
* added exploit to browser attack Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow (2015-06-23)
* added exploit to browser attack Adobe Flash Player Drawing Fill Shader Memory Corruption (2015-05-12)

In order to download SET please visit Github:

https://github.com/trustedsec/social-engineer-toolkit

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.