social engineering kya hai
social engineering toolkit
social-engineer toolkit termux
What is social engineering
Today I will tell what is Social Engineering Toolkit
In the language of cyber security, social engineering is the technique in which the hacker tries to achieve his purpose in some way with the help of his mind and methods or by adopting other methods, in which the action of phishing etc. is done. Let's talk about this technique, it is the most popular technique.
Phishing
Phishing - means to catch fish by laying a net, that is, the hacker makes a net and traps his target inside it In the second, the hacker clones a website, sends it to another or publishes it and on which the victim leaves his information such as user id and password etc. and he can easily get it with him. Let's say there are 3 types of phishing
General phishing
1- That is, normal phishing - in this, the hacker shares his cloned page in many places, in which no specific person is targeted, in this they try on many, hunt whatever they get, with the help of social engineering toolkit, any one By cloning the template of the website, share it in any group or publicly and by clicking on it, the victim gives her information .
Spear phishing
Spare Hacking- In this, the target of the hacker is a specific person, that person can also be an employee of a bank, for this type of action, the hacker collects some information about him such as his email address. And then tries to get the bank's important information from him in some way or the other, social engineering toolkit is also used for this type of hacking, with the help of this tool, the hacker can match the name of any sport on that employee's email. And it is written in it that the employee opens that cloned website and fills his details and gives his information to the hacker.
Whaling attack
Whaling Attack - This is the most dangerous attack, in which the hacker makes a big officer of an organization or any corporates his victim and for this he collects information about him for years and then carries out his purpose.
What is social engineering toolkit
Social Engineering Toolkit is free in Kali Linux, to use it, enter it by typing SET in the terminal and its interface opens or you can open it by going to the application, after it is opened, there are some options in this type is
1- Social engineering attack
2- Penetration testing tool
3-Third party attack
4-Update social- engineering- toolkit
5- Configuration social engineering toolkit
How to use social engineering toolkit
Advantage of SET
1 - There are many options in social engineering attack which are used in different ways:
A- from spare fishing attack option is attacked over a particular
B- Website Attack Vector With this method, a website is cloned and its link is sent, it contains some predefined templates, only those can be used.
C- By creating payload and listener, the information of others can be easily taken with the help of this tool, now listner means any one file will be created and that file which will be our payload will give connection to it with its ip and ports and with the help of listner He will be able to see other's system easily this is very important
D-Access Point can be easily hacked with the help of this tool, it will get inbuilt tools like airmon-ng to hack any wireless access point
E-Massler Attack means that with the help of this tool, a particular target can take his information by making a fake name and subject and sending it to him.
By generating F- qr code, you can easily do the information with this tool.
G can also be used by creating third party applications or files. Third party applications are those which are owned by someone else, people should also avoid such applications.
The V feature of the H-power cell attack vector is given under this tool
Penetration testing
1- With the help of this tool, we can easily see the shortcomings of our system, it could be how our database SQL can be tampered with or how can we connect to the database
2- With the help of this tool, you can easily check the shortcomings present in the operating system of your system.
3- Through the browser, which flaws can come in our system, we can easily check
4- You can also practice bruteforce attack and dictionary attack with the help of this toolkit and know the shortcomings of your system
Perform social engineering attack
You can select this option according to your intake and run it according to you, it is very easy to operate, you can easily do it by using the numbers given in it or the steps given.
How to protect from phishing attack
Ways to avoid phishing-
To avoid phishing, it is best that you do not click on any unknown link or make a habit of entering your user and password wrong where the user ID asks for the password, as soon as you enter the wrong ID or password on a fake link. That cloned website will open and take it to the homepage of that website, for example a website has been created by cloning Facebook and if you enter your user and password wrongly, then that homepage will open, then you will understand that This is a cloned one, if it is written that the user and password are wrong then it is correct
As we have mentioned above, this tool is available for many tasks and can get many tasks at one place.
चेतावनी- हैकिंग करना एक कानूनी अपराध है अतः आप ज्ञान केवल अपनी जानकारी के लिए कर सकते हैं
0 Comments