Tuesday, May 17, 2011

The Social-Engineer Toolkit (SET) v1.4 released

The Social-Engineer Toolkit v1.4 “YAY DerbyCon” Edition has been released. The main new feature with this is the new addition into the web attack menu. SET now has the ability to help aid in steps needed in creating a code signing certificate. You still need to purchase the code signing certificate, but it will not be directly imported into SET and into the Java Applet attack making the attack much more believable and make the attack much more reliable. Overall, through doing the steps myself, it will cost you around $300-350 to get everything setup. You’ll need to register a business with the state (which takes 5 mins), wait for your papers, then purchase a code signing certificate and sign the apphttp://www.blogger.com/img/blank.giflet with whatever you made your business name. Sounds like a bit of a process I know, but when doing consulting engagements, should be easy to purchase a code signing certificate based on your company name or just register a quick LLC to get it.

Amongst this addition are a number of bug fixes and additions. Full change log can be found below:


No comments: