The Social-Engineer Toolkit (SET) v7.3.7 Codename: ‘Underground’.

Roadmap and CHANGELOG version 7.3.7 CODENAME Underground:

* replaced powershell prep with the old one – it broke almost all powershell injection in SET

* fixed an issue that would cause scanner to continue to scan even when port not discovered (function issue)

+ version 7.3.6:

* fixed a bug around mssql bruter and code enhancement changes

+ version 7.3.5:

* fixed an issue that would cause psexec fasttrack to not properly work based on with open

+ version 7.3.4:

* fixed an issue with mssql bruter that would cause it to fail over to nmap scans even if host wasn’t valid

* fixed an issue that would cause UDP to not work properly when scanning subnet ranges

* improved handling and descriptions in mssql

* fixed error in mssql bruter error handling exception

* fixed an issue that would cause TDS to error out when directly connecting to MSSQL server

* removed impacket TDS from src.core and added impacket.tds

* updated requirements.txt for impacket

* fixed a bug when using certutil method and pairing directory strings

* fixed automatic brute on mssql server when single host was scanned

* fixed spacing issue on msfconsole -r was set to msfconsole-r

+ version 7.3.3
* code audit and cleanup (much appreciated Cabalist)
* fixed set.options error if file isnt found

+ version 7.3.2:
* fixed an issue if python-requests was not installed it would bomb the module and SET out

+ version 7.3.1:
* PR for better python3 and pep8 handling – (thanks Cabalist)
* added better handling around SMS spoofing and if legacy version of openssl is around
* updated requirements.txt
* added setdir definition from setdir to core.setdir on setoolkit
* removed old version of Signed_update.jar.orig, updated .gitignore to include .jar, and removed old version of unsigned.jar

+ version 7.3:
* completely rewrote the SMS spoofing module from scratch to use which the folks over there are super helpful and provided an undocumented API to be used within SET. This now works great and has been extensively tested.
* sped up the load process when using the main menu system the loading would pull from github each time the show_banner() function was called – this only loads once per SET load now
* fixed a string integer error from input to raw_input in the RDP DOS use after free in exploits
* added libapache2-mod-php to – needed for credential harvester
* added python-requests to – needed for sms spoofing
* added better check for python-requests in sms spoofing
* added better formating within sms spoofing
* added error handling to sms spoofing if something goes wrong during auth process
* removed socket error when no internet connection using update check
* use global lock for checking previous use on update
* general cleanup of setcore
* cleaned up setup file and added better descriptions
* fixed a bug that would cause fsattack to not load properly
* moved from pulling entire setcore which is a few thousand lines to adding src/core/set.version which contains the version – much faster in pulling down
* fixed a bug in dell drac that caused it to error out
* added timeout delay for pulling new version biggest challenge here is that urllib base is socket and socket timeout is tied to gethostbyname() which does not support a timeout, needed to add multiprocessing poll for 8 seconds to add timeout delay when checking for updates
* added check for urllib for python2 and python3 compatibility
* changed delldrac to python 2 to 3 compatibility and rewrote requests to use solid urlopen instead of requests
* added keyboard exception handling for urllib pull for version


social-engineer-toolkit codename underground

::Main Menu::
* Social-Engineering Attacks:
1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) Wireless Access Point Attack Vector
8) QRCode Generator Attack Vector
9) Powershell Attack Vectors
10) SMS Spoofing Attack Vector
11) Third Party Modules

* Penetration Testing (Fast-Track):
1) Microsoft SQL Bruter
2) Custom Exploits
3) SCCM Attack Vector
4) Dell DRAC/Chassis Default Checker
5) RID_ENUM – User Enumeration Attack
6) PSEXEC Powershell Injection

* Third Party Modules
* Update the Social-Engineer Toolkit
* Update SET configuration

set v7.1

set v7.1

The Social Engineering Toolkit v7.0.6

The Social Engineering Toolkit v7.0.6

DISCLAIMER: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period.

The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.

1) Social-Engineering Attacks
2) Fast-Track Penetration Testing
3) Third Party Modules
4) Update the Social-Engineer Toolkit
5) Update SET configuration
6) Help, Credits, and About

99) Exit the Social-Engineer Toolkit

Supported platforms
+ Linux
+ Mac OS X


Source: | Our  Post Before | | v7.3.7.tar.gz