Sunday, November 7, 2010

The Social-Engineer Toolkit v1.0 “Devolution” Release

This version adds several key components including new attack vectors, a web GUI interface, a way to automate SET behavior, and a slew of bug fixes.

The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of pentesting. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed. Currently SET has two main methods of attack, one is utilizing Metasploit payloads and Java-based attacks by setting up a malicious website (which you can clone whatever one you want) that ultimately delivers your payload. The second method is through file-format bugs and e-mail phishing. The second method supports your own open-mail relay, a customized sendmail open-relay, or Gmail integration to deliver your payloads through e-mail. The goal of SET is to bring awareness to the often forgotten attack vector of social-engineering.

More info and Download:

Metasploit Framework 3.5.0 Released 2010-10-20

Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7
Version 3.5.0 of the Metasploit penetration testing framework has been released, including 613 exploits, 306 auxiliary modules, and 215 payloads. This release includes major improvements to the database backend, session handling, pivoting, and the Meterpreter. While the old Web and GTK GUIs have been officially deprecated, this build includes scriptjunkie's brand new Java GUI, which uses the XMLRPC protocol in the same fashion as the commercial products. Zate Berg's Nessus plugin and importer has been integrated, as has support for importing Retina and NetSparker XML output files. The Windows installer no longer uses Cygwin, supports a tabbed native console, and includes PostgreSQL and Java. The Windows user experience has been vastly improved, as the Metasploit Console is now preconfigured with a local database, allowing access to commands like db_import, db_export, and db_nmap right out of the box

233,458,127 bytes (223M)
Windows installer including all dependencies, plus Java, PostgreSQL, and Console2.
[ PGP ] SHA1: 305af613ff330923faa2b723ee128c6eb2700a82
42,254,784 bytes (42M)
Linux 32-bit installer including all dependencies.
[ PGP ] SHA1: c17badf0aaf209c6d6ea9069b97aecde4130e732


Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Powered by TadPole