The Social-Engineer Toolkit (SET)


The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks
against the human element. SET was designed to be released with the launch and has quickly became a standard tool in a
penetration testers arsenal. SET is written by David Kennedy (ReL1K) and with a lot of
help from the community it has incorporated attacks never before seen in an
exploitation toolset. The attacks built into the toolkit are designed to be focused
attacks against a person or organization used during a penetration test.

SET’s menu

SET is a menu driven based attack system, which is fairly unique when it comes to
hacker tools. The decision not to make it command line was made because of how
social-engineer attacks occur; it requires multiple scenarios, options, and
customizations. If the tool had been command line based it would have really limited
the effectiveness of the attacks and the inability to fully customize it based on your

Followings are just some ataack examples menu items:

 Spear-Phishing Attack Vectors
Website Attack Vectors
 Infectious Media Generator
 Create a Payload and Listener
 Mass Mailer Attack
Arduino-Based Attack Vector
 SMS Spoofing Attack Vector
Wireless Access Point Attack Vector
 QRCode Generator Attack Vector
Powershell Attack Vectors

Supported platforms:

  • Linux
  • Mac OS X (experimental)

For a full document on how to use SET, visit the SET user manual.

DISCLAIMER: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes

Subscribe to our channel and do not miss new collections of tools in various areas of Information Security.

  Posted by: @ESPYER

5 social monitoring tools great for OSINT

5 Social Media Monitoring Tools

In this article we’ll talk about the following social monitoring tools:
Hootsuite, Brand24, Mention, Sprout Social, Synthesio.
For each of these we’ll know the main benefits of using it, as well as reason to chose another tool, based on your needs! Here goes 🙂

Read More »
OSINT Investigating questions

OSINT for Businesses: A Guide to Conducting Due Diligence and Intelligence Investigations

In this article, we’ll explore how businesses can use OSINT techniques to gather information and conduct due diligence and intelligence investigations.

Open-source intelligence (OSINT) is the process of gathering information from publicly available sources to support decision-making and informed action.

For businesses, OSINT can be a valuable tool for conducting due diligence and intelligence investigations, providing a wealth of information on potential partners, competitors, and threats.
However, with the increasing use of artificial intelligence (AI) in online investigations, it’s important to know how to gather information while avoiding detection.

Read More »


A Revolutionary API to Check If Your Personal Information is Compromised.
Are you tired of constantly worrying about your personal information being compromised? Well, let me introduce you to ProfileNINJA, a one-of-a-kind API service listed on the RapidAPI marketplace.

ProfileNINJA takes the hassle out of checking if your personal information has been leaked by searching through databases linked to popular social media platforms like Twitter, Facebook, VK, Instagram, Telegram, and LinkedIn.

Read More »

People Data Lookup API

People Data Lookup API on RapidAPI is a service that allows users to search and retrieve information about individuals using phone number, email address, password, or full name. The API offers accurate and updated information that can be used for various purposes such as fraud detection, verification, and customer engagement. The service is accessible through RapidAPI, a platform that connects developers with over 16,000 APIs.

Read More »


With Shodan Exploit, you will have all your calls on your terminal. It also allows you to make detailed searches.
All you have to do without running Shodansploiti is to add shodan api.

Read More »