The Social Engineer Toolkit (free download)



The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET has quickly become a standard tool in a penetration tester's arsenal. SET is written by David Kennedy (ReL1K), and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be focused attacks against a person or organization, for use during a penetration test.

SET is a menu-driven attack system, which is fairly unique when it comes to hacker tools. The decision not to make it command-line was made because of how social-engineering attacks occur: they require multiple scenarios, options, and customizations. If the tool had been command-line based, it would have really limited the effectiveness of the attacks and the ability to fully customize them based on your target.

Platforms the Social Engineer Toolkit works on.

Windows (experimental)

The latest release of the Social-Engineer Toolkit, SET v6.2, codename “Recharge”, is now available. This version has a number of features, including a redesigned Java Applet for more reliable exploitation. In addition, the PowerShell injection technique introduced in prior versions of SET has been slimmed down by 18 bytes, which allows for more characters inside one attack. This means that the reverse_https/http payloads are now supported for PowerShell Injection.

The Java Applet now detects whether PowerShell is installed. If it is installed, the applet uses PowerShell injection and never deploys a binary. If PowerShell is not installed, it falls back on a binary. The binaries themselves do absolutely nothing until they are passed an encrypted string, at which point they decrypt shellcode directly into memory. These payloads have been completely rewritten and incorporate virtual machines within the executables as well as anti-debugger detection. If PowerShell exploitation works appropriately, a binary will never be sent to the system automatically.


In addition, large portions of the Social Engineer Toolkit were rewritten to move completely off msfpayload and msfencode, which are now being removed from Metasploit. All payload generation is done either through dynamic patching of already generated shellcode or through msfvenom directly. A number of the attacks have also been enhanced, including the MSSQL bruter attack for more reliability and detection. Additional client-side exploits have been added through Metasploit, as well as a number of other additions.

  • changed IP address for the payload listener to specify LHOST
  • included TDS as a standard impacket library
  • added port to MSSQL display when it's compromising a system
  • moved create_payloads in payloadgen to be compliant with msfvenom creation and moved off msfpayload and msfencode
  • fixed multiple files still using msfpayload or msfvenom
  • fixed a bug that caused a TDS exception error when using the SQL attack (missing tds library)
  • updated specific wording in setoolkit launcher
  • slimmed powershell injection code to reduce injection code by about 17 bytes
  • completely randomized the java applet to the point where it will randomize the name, no longer uses Signed_Update.jar – there were signatures floating around that were detecting it based on static names
  • randomized and obfuscated pyinjector code base and locked into its own virtual container and debugger protection
  • randomized and obfuscated multi pyinjector code base and locked into its own virtual container and debugger protection
  • the Java applet now detects whether PowerShell is installed; if it is, it will not download an executable, which could trigger detection capabilities. PowerShell is plenty stable and should not require any deviation to a binary download.
  • added ability to check whether certain paths are legitimate; if they are, payloads are deployed via the Java applet
  • full msfvenom support and conversion off msfpayload msfencode
  • removed old call for impacket tds compatibility


  • Norton

    Wow! It’s good. Now, these days attackers use too many bad activities to enter your computer. Really, this type of tool can help us.