Welcome to the Tutorials section, this section has a number of tutorials to get you familiar with the Social-Engineer Toolkit.

Utilizing Browser Exploits with Metasploit with A/V Evasion through JavaScript Obfuscation

01 Social-Engineer Toolkit (SET) – Introduction

Below is a tutorial and introduction into the Social-Engineer Toolkit, this section will give you a brief introduction into the toolkit and give a detailed explanation of the SET configuration file that can be used to customize SET to add or remove functionality within the tool.

02 Social-Engineer Toolkit (SET) – Credential Harvester Method

In the next tutorial you will learn how to configure SET in order to utilize the Credential Harvester Attack Method. This method allows you to clone a website and auto rewrite the post parameters to be able to successfully harvest credentials as well as go through the report exports.

03 Social-Engineer Toolkit (SET) – Java Applet Attack Vector

In the next tutorial you will learn how to utilize SET with the Thomas Werth Java Applet Attack Vector. This Java Applet is a universal payload for Linux/OSX/Windows and works with a fully patched system. This method is one of the most reliable methods for exploitation within the Social-Engineer Toolkit.

04 Social-Engineer Toolkit (SET) – Spear-Phishing Attack Method

This latest tutorial will walk you through the Spear-Phishing attack method. This method will allow you to perform advanced spear-phishing attacks utilizing E-Mail attack vectors coupled with fileformat bugs.

05 Social-Engineer Toolkit (SET) – Version 0.6.1 Catch-up

Instead of redoing all of the tutorials, this is a catch-up tutorial that bridges the gap between 0.5 and 0.6.1, a significant release in the Social-Engineer Toolkit. This version incorporates a number of bug fixes, new attack vectors, and new options. Included in this tutorial is the Teensy USB/HID Attack Vector, the Man Left in the Middle Attack Vector, and the TabNabbing attack vector.