Credential Harvesting with Social Engineering Toolkit - Ethical Hacking & Offensive Penetration Testing
Credential Harvesting with Social Engineering Toolkit
Credential harvesting can be used with many different types of attacks, but the ultimate goal is to make the user believe he has reached the site that he was trying to get to, such as Facebook or Google, and steal their credentials when they attempt to log in.
Today we will learn how to clone any website and get credential
- First open your kali Linux in your laptop/pc
- Go to your application section and search for social-engineering tools,and click on it and then select social engineering toolkit from there.
- When You access social engineering toolkit the new page will open then you have to enter “1” For Social-Engineering Attacks.
- Then Select “2” for Website Attack Vectors.
8. Then select “3” for Credential Harvester Attack Method
9 Then select “2” for Site Cloner.
9.When you entered in site cloner the you have to press 2 times “enter”key there then new pop-up will open and there you have to enter your target “url” which you want to make a clone ,and they also allot a i.p which you you have to share with your target.
In my case I will chose facebook url www.facebook.com
Copy this i.p address from your terminal and send it to your target through email phishing process.
Lets see what happen when your target open your url
See you get your target username and password !!!
Conclusion:-Always check link by hovering over the URL or by sending it to virustotal before clicking any suspicious link.