Demonstration of basic simulated social engineering attacks using Metasploit, including post-exploitation with Meterpreter (also check out Social-Engineer Toolkit) - Hope you enjoy 🙂
* EDUCATIONAL - this is content from isolated, virtual labs. I was asked to prepare this demo for a social engineering/phishing section of undergraduate security module. I do not condone any illegal activities, there's plenty of amazing CTF resources out there, including realistic systems on VulnHub, HackTheBox, TryHackMe etc. No need to break the law :) *
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
KZitem: / cryptocat23
Twitch: / cryptocat23
↢Resources↣
www.imperva.com/learn/applica...
www.tripwire.com/state-of-sec...
www.online-tech-tips.com/wind...
docs.rapid7.com/metasploit/ms...
www.offensive-security.com/me...
www.trustedsec.com/tools/the-...
securitytrails.com/blog/the-s...
↢Chapters↣
Start - 0:00
Phishing basic auth credentials with MSF - 3:02
Creating malicious PDF in Metasploit - 8:37
Post-exploitation with Meterpreter - 12:52
Dump hashes, getsystem, migrate - 14:20
Post gather modules - 16:40
Establish persistence - 17:40
Screenshot/keylogger - 18:40
Kiwi (mimikatz) plugin - 20:35
Local exploit suggestor - 23:41
Exploit local vuln (privesc) - 25:40
Explore additional plugins - 28:57
Setup Social Engineer Toolkit (buggy) - 32:31
Investigate SET modes and features - 34:41
Credential Harvester Attack - 35:40
Browser autopwn (hail mary) - 38:30
Explore remaining modes - 45:11
Негізгі бет Ғылым және технология Simulating Basic Attacks with Metasploit and Social Engineer Toolkit
Пікірлер: 38