Samer Aoudi
Social Engineering

In this practical activity, you will use various tools to perform and counter social engineering attacks.

Why this activity? People are the weakest link in the information security chain. Social Engineering is the process of manipulating people to give out sensitive information. After all, the easiest way to get someone's password is to ask for it!

Prerequisite Knowledge: Kali Linux
Requirements: Lab Environment Setup
Duration: 60+min
Files: None
Related Videos:
Coming Soon
Social Engineering is the art of manipulating people into divulging sensitive information that is then used to perform some malicious action.
PhishTank is a collaborative clearing house for data and information about phishing on the Internet. PhishTank also provides an open API that developers and researchers can use to integrate its anti-phishing data into their applications at no charge.

In this activity, you will identify phishing emails, examine the signs that expose them, and report them to PhishTank.
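The lookups the steps below ask you to do by hand on the PhishTank homepage can also be done through the open API mentioned above. The following is an added example (it is not part of the lab page and not PhishTank's own code) showing how a script would submit a URL to PhishTank's URL-check endpoint and turn the reply into a verdict. It assumes the form-POST endpoint and the JSON response fields (results.in_database, verified, valid, phish_detail_page) as documented by PhishTank; verify them against the current API documentation. The two sample responses at the bottom are constructed so the classifier can be exercised offline, and the script itself never opens the suspicious URL, which matches the lab's rule about not visiting the site.

```python
"""Check a URL against PhishTank and classify the reply.

Added example for the lab, not PhishTank's own code. Assumed API shape:
POST to CHECKURL_ENDPOINT with form fields url and format=json (plus an
optional app_key); the JSON reply carries a "results" object whose
in_database / verified / valid flags decide the verdict.
"""
import json
import urllib.parse
import urllib.request

CHECKURL_ENDPOINT = "https://checkurl.phishtank.com/checkurl/"  # assumed endpoint


def build_request(url, app_key=None):
    """Return (endpoint, urlencoded body bytes, headers) for one lookup.

    Only the URL string is sent to PhishTank; the URL itself is never fetched.
    """
    fields = {"url": url, "format": "json"}
    if app_key:
        fields["app_key"] = app_key
    body = urllib.parse.urlencode(fields).encode()
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "User-Agent": "phishtank/classroom-example",  # PhishTank asks for an identifying UA
    }
    return CHECKURL_ENDPOINT, body, headers


def _yes(value):
    """PhishTank encodes flags as 'y'/'n' strings in JSON; accept booleans too."""
    return value is True or str(value).strip().lower() in {"y", "yes", "true"}


def classify(response):
    """Reduce a checkurl reply to one of: not_in_tank, unverified, invalid, phish.

    not_in_tank: nobody has submitted the URL (it may still be a phish).
    unverified:  submitted but the community has not yet voted on it.
    invalid:     verified and judged NOT to be a phish.
    phish:       verified and confirmed as phishing.
    """
    if isinstance(response, (str, bytes)):
        response = json.loads(response)
    results = response.get("results", {})
    if not _yes(results.get("in_database", False)):
        return "not_in_tank"
    if not _yes(results.get("verified")):
        return "unverified"
    if not _yes(results.get("valid")):
        return "invalid"
    return "phish"


def lookup(url, app_key=None, timeout=10):
    """Live lookup (needs network). Returns the classify() verdict."""
    endpoint, body, headers = build_request(url, app_key)
    req = urllib.request.Request(endpoint, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return classify(resp.read().decode())


# Constructed sample replies (not real PhishTank data) for offline testing.
SAMPLE_PHISH = {"results": {
    "url": "http://login-portal.example.invalid/", "in_database": True, "phish_id": 0,
    "phish_detail_page": "https://www.phishtank.com/phish_detail.php?phish_id=0",
    "verified": "y", "verified_at": "2024-01-01T00:00:00+00:00", "valid": "y"}}
SAMPLE_CLEAN = {"results": {"url": "https://example.com/", "in_database": False}}
SAMPLE_PENDING = {"results": {"url": "https://example.org/", "in_database": True, "verified": "n"}}

if __name__ == "__main__":
    for sample in (SAMPLE_PHISH, SAMPLE_CLEAN, SAMPLE_PENDING):
        print(sample["results"]["url"], "->", classify(sample))
```

Note that "not_in_tank" is not a clean bill of health; it only means nobody has submitted the URL yet, which is exactly the case the reporting steps of this activity cover.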

Expert Mode
  1. Visit PhishTank, then locate and examine a recent phishing submission
  2. Identify properties like domain, date, and so on
Regular Mode
Task in details »
  1. Go to PhishTank and click the ID link of any recent submission
  2. Examine the details of the submission and discuss your findings with a classmate
  3. Note: To answer related questions, you will need to be able to locate the technical details of a submission
  4. Go back to the homepage and test a few websites you know to see whether or not they are in the “tank”
  5. On the homepage, copy/paste this address (Note: Do NOT visit the website): https://wictziggos.net
  6. Is the site above a phish? Was any site you tested a phish? Discuss with your class
  7. Report Phishing: To perform the next steps, you will need a phishing email
  8. Search your inbox and spam folders for recent suspicious emails. If you cannot find one, ask your classmates
  9. See an example
  10. Test the website you retrieved from the phishing email above (Did PhishTank identify the website as phishing?)
  11. If PhishTank did NOT identify the website as a phish, we must report it
  12. Register for free and log in
  13. Report the website
  14. Note: If registration is disabled, you may skip the reporting steps
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name.
ICANN is the Internet Corporation for Assigned Names and Numbers. It is an internationally organized non-profit corporation that, among other things, oversees IP address space allocation and top-level domain (TLD) management.
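WHOIS matters for phishing triage because a domain that was registered a few days ago, at a registrar that has nothing to do with the brand on the page, is a strong sign of a phish. The following added example (not part of the lab page) implements the WHOIS protocol as RFC 3912 defines it: a TCP connection to port 43, the query terminated by CRLF, and the server closing the connection after its reply. It starts at IANA and follows the "refer:" line to the registry, then the "Registrar WHOIS Server:" line to the registrar, and parses the fields an analyst looks at first. The server names, the field labels and the sample record are assumptions or constructed data: registrar output formats vary, so the regular expressions follow the common ICANN-style key: value layout.

```python
"""Minimal WHOIS client (RFC 3912) plus a parser for phishing-triage fields.

Added example, not from the original lab. Wire protocol is the real one;
the referral hops, field labels and SAMPLE_RECORD are assumptions/constructed.
"""
import re
import socket
from datetime import datetime, timezone

WHOIS_PORT = 43  # RFC 3912


def whois_query(domain, server, timeout=10):
    """Send one WHOIS query and return the raw reply text (needs network)."""
    with socket.create_connection((server, WHOIS_PORT), timeout=timeout) as sock:
        sock.sendall(domain.encode("ascii") + b"\r\n")
        chunks = []
        while True:  # server closes the socket when it is done
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", errors="replace")


# IANA answers with "refer:"; registries answer with "Registrar WHOIS Server:".
REFERRAL = re.compile(r"^\s*(?:refer|Registrar WHOIS Server):\s*(\S+)", re.I | re.M)


def whois_lookup(domain, start="whois.iana.org", max_hops=3):
    """Follow referrals from IANA down to the registrar (needs network)."""
    server, text = start, ""
    for _ in range(max_hops):
        text = whois_query(domain, server)
        m = REFERRAL.search(text)
        if not m or m.group(1).lower() == server.lower():
            break
        server = m.group(1)
    return text


FIELDS = {  # assumed ICANN-style labels; adjust for exotic registries
    "registrar": re.compile(r"^\s*Registrar:\s*(.+?)\s*$", re.I | re.M),
    "created": re.compile(r"^\s*(?:Creation Date|Created On|Registered On):\s*(\S+)", re.I | re.M),
    "nameservers": re.compile(r"^\s*Name Server:\s*(\S+)", re.I | re.M),
}


def _parse_date(value):
    """Parse an ISO 8601 timestamp (with trailing Z allowed); None if unparseable."""
    value = value.strip()
    if value.endswith("Z"):
        value = value[:-1] + "+00:00"
    try:
        dt = datetime.fromisoformat(value)
    except ValueError:
        return None
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)


def parse_whois(text):
    """Extract registrar, creation date and name servers from WHOIS text."""
    record = {"registrar": None, "created": None, "nameservers": []}
    m = FIELDS["registrar"].search(text)
    if m:
        record["registrar"] = m.group(1)
    m = FIELDS["created"].search(text)
    if m:
        record["created"] = _parse_date(m.group(1))
    record["nameservers"] = sorted({ns.lower() for ns in FIELDS["nameservers"].findall(text)})
    return record


def domain_age_days(record, now=None):
    """Days since registration; 'now' may be a datetime or ISO string (default: current time)."""
    if record["created"] is None:
        return None
    if now is None:
        now = datetime.now(timezone.utc)
    elif isinstance(now, str):
        now = _parse_date(now)
    return (now - record["created"]).days


# Constructed registrar-style record (the .invalid TLD is reserved, so it cannot resolve).
SAMPLE_RECORD = """\
Domain Name: EXAMPLE-LOGIN-PORTAL.INVALID
Registrar WHOIS Server: whois.registrar.invalid
Registrar: Example Registrar, Inc.
Creation Date: 2024-03-29T10:15:00Z
Registry Expiry Date: 2025-03-29T10:15:00Z
Name Server: NS1.EXAMPLE-DNS.INVALID
Name Server: NS2.EXAMPLE-DNS.INVALID
DNSSEC: unsigned
"""

if __name__ == "__main__":
    rec = parse_whois(SAMPLE_RECORD)
    print(rec, "age in days:", domain_age_days(rec, now="2024-04-05T12:00:00Z"))
```

A domain whose age comes out in single digits deserves a closer look before anyone clicks the link, whatever PhishTank currently says about it.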

In this activity, you will use the Social Engineering Toolkit (SET) to harvest login credentials from unsuspecting victims.

Expert Mode
  1. Use the Credential Harvester Attack Method in the SET to harvest login credentials for https://www.facebook.com
Regular Mode
Task in details »
  1. Start the Social Engineering Toolkit from the Social Engineering Tools group in your Kali menu
  2. If this is the first time you are using the SET, agree to the terms of service
  3. SET Menu
  4. Type 4 to update the SET and hit Enter (set> 4)
  5. Type 1 to select Social Engineering Attacks (set> 1)
  6. Type 2 to select Website Attack Vectors (set> 2)
  7. Type 3 to select the Credential Harvester Attack Method (set:webattack> 3)
  8. Type 1 to select Web Templates (set:webattack> 1)
  9. At the prompt “IP address for the POST back in Harvester/Tabnabbing [<Kali IP>]:”, type your Kali’s IP address; this is where the harvested form data will be posted back
  10. In the final step, select a template (e.g., Twitter) (set:webattack> Select a template: 3)
  11. Open the browser on your host (or in Kali) and type the IP address of Kali
  12. Enter any fake username/password and attempt to log in
  13. Go back to SET and note that the username and password were posted back to our Credential Harvester
  14. Credentials
  15. Take a screenshot of the harvested username and password as evidence of completion
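Seen from the defender's side, the page the steps above produce has three tells: the login form lives at a bare IP address (step 11), it is served over plain HTTP, and the brand it imitates (the template chosen in step 10) does not match the host serving it. The following added example (not part of SET or of the lab page) turns those tells into a simple detection over web-proxy records. The log lines are constructed JSON records in a shape a proxy might export (assumed fields: ts, method, url, form_keys, page_title); the brand-to-domain allowlist is likewise an assumption for the classroom and would be maintained from your own inventory in practice.

```python
"""Flag login-form submissions that look like a cloned credential-harvester page.

Added example for the defender's side; not SET's code and not from the lab.
Input records are constructed JSON lines (assumed proxy-export shape).
"""
import ipaddress
import json
from urllib.parse import urlsplit

# Assumed allowlist: brands that appear in login templates and the domains
# that legitimately host their login forms.
BRAND_DOMAINS = {
    "twitter": {"twitter.com", "x.com"},
    "facebook": {"facebook.com"},
    "google": {"google.com", "accounts.google.com"},
}
# Form field names that indicate a password is being submitted.
CREDENTIAL_KEYS = {"password", "passwd", "pass", "pwd", "session[password]"}


def _host_is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def _under_domain(host, domains):
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in domains)


def analyze(record):
    """Return the list of reasons this request looks like a harvester ([] if clean)."""
    if record.get("method", "").upper() != "POST":
        return []
    keys = {k.lower() for k in record.get("form_keys", [])}
    if not keys & CREDENTIAL_KEYS:
        return []  # not a login submission at all
    url = urlsplit(record["url"])
    host = (url.hostname or "").lower()
    reasons = []
    if url.scheme == "http":
        reasons.append("password posted over plain HTTP")
    if _host_is_ip(host):
        reasons.append(f"login form posted to a bare IP address ({host})")
    title = record.get("page_title", "").lower()
    for brand, domains in BRAND_DOMAINS.items():
        if brand in title and not _under_domain(host, domains):
            reasons.append(f"page claims to be {brand} but host is {host}")
    return reasons


def scan(lines):
    """Run analyze() over JSON lines; return [(ts, url, reasons)] for the hits."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        reasons = analyze(rec)
        if reasons:
            alerts.append((rec["ts"], rec["url"], reasons))
    return alerts


# Constructed sample log. 192.0.2.10 is a documentation (TEST-NET) address.
SAMPLE_LOG = """
{"ts": "2024-05-01T09:00:01Z", "method": "GET",  "url": "http://192.0.2.10/", "form_keys": [], "page_title": "Twitter / Login"}
{"ts": "2024-05-01T09:00:09Z", "method": "POST", "url": "http://192.0.2.10/index.html", "form_keys": ["session[username_or_email]", "session[password]"], "page_title": "Twitter / Login"}
{"ts": "2024-05-01T09:02:30Z", "method": "POST", "url": "https://twitter.com/sessions", "form_keys": ["session[username_or_email]", "session[password]"], "page_title": "Twitter / Login"}
{"ts": "2024-05-01T09:05:12Z", "method": "POST", "url": "https://login.example.net/auth", "form_keys": ["user", "password"], "page_title": "Facebook - Log In"}
"""

if __name__ == "__main__":
    for ts, url, reasons in scan(SAMPLE_LOG.splitlines()):
        print(ts, url)
        for r in reasons:
            print("   -", r)
```

The second record (the harvester page from this lab) trips all three checks; the real twitter.com login trips none; the last record shows the brand-mismatch check catching a clone hosted on a proper domain name with TLS, which is how most real phishing kits are deployed.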
© Samer Aoudi 2005-2024