Monday, February 20, 2012

The Social-Engineer Toolkit (SET) v.3.0 Released

 The Social-Engineer Toolkit (SET) is an open source tool for penetration testers to leverage sophisticated attacks and test the effectiveness of the education and awareness program as well as security controls. 

This release has been one of the most challenging ones thus far with the largest changelog, code rehaul, and features! 

1. Support for Windows – Tested on XP, Windows 7, and Windows Vista. Note that the Metasploit-based payloads to not work yet – when SET detects Windows they will not be shown only RATTE and SET Shell 
2. New attack vector added – QRCode Attack – Generates QRCodes that you can direct to SET and perform attacks like the credential harvester and Java Applet attacks 
3. Improved A/V avoidance on the SETShell and better performance. I’ve also fixed the non-encrypted communications when AES was not installed 
4. Added a number of improvements and enhancements to all aspects of SET including major rehauls of the coding population and moved from things like subprocess.Popen(“mv etc.”) to shutil.copyfile(“etc”) 
5. Rehauled SET Interactive Shell and RATTE to support Windows 
6. New Metasploit exploits added to SET 

Video demo:  

Download & Full changelog :

No comments: