Social Engineering

The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes

Methodology / How Hackers Do it

As mentioned above its the use of deception, to trick the victim, unknowingly handing out critical information. There are numerous methods of doing so, hackers use techniques such as phishing, dumpster diving, email spoofing, tailgating etc. The specific use of attack is critical to the “psychological effect and the success rate” you would expect to get out of the target.

Social Engineering Tools used by Hackers

SET - Social Engineering Toolkit

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element.

Modlishka: Powerful Reverse Proxy

Modlishka is a very powerful Reverse Proxy tool that allows you to run phishing campaigns.

PhEmail – Open Source E-mail Phishing Tool

PhEmail is a python based email phishing tool that automates the process of sending phishing emails as part of a social engineering test.

Camelishing – Social Engineering Tool

The ultimate all-in-one social engineering tool.

King Phisher - Phishing Campaign Toolkit

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks.