Setoolkit is a frameworks focused mainly on social engineering. This tools consists of site duplicating tools, Java applet attacking tools and many other social engineering tools. In this post site duplicating will be demoed. As mentioned by the name site duplicating attack is a method to attack by duplicating a sites and send the site to the victim in order to get credentials information. An alternative to launch this attack is through dns spoofing which will be explained here.

1. To use the setoolkit frameworks type in the command “setoolkit” in the terminal:

2. after landed in the frameworks choose for social engineering attacks option.

3.next choose for web attack vector option

4.select for credential harvester attacks

And then choose for site cloner option

5.enter your ip address or any server address that you want to use as the host of attacks.

6.type in the url of the websites that is going to be cloned

7.open browser from another pc or vm and type in the ip of the attacker.

8. now any data filled by the victim will be recorded in the Setoolkit.