Sunday, 28 May 2017

Create phishing pages using Social-Engineer Toolkit

Social-Engineer Toolkit is one of the best tool penetration tools available in any hacking distros. It comes pre-installed with every hacking distro out there. It was developed to attack against human element. In this tutorial, we are going to create phishing pages using SET. Social-Engineer Toolkit is a Python-based tool which is developed by TrustedSec. 

Create phishing pages

Create phishing pages using Social-Engineer Toolkit

Installing Social-Engineer Toolkit

If you are using any hacking distro you don't need to install Social-Engineer Toolkit. It comes pre-installed and pre-configured. Use the following commands to install Social-Engineer Toolkit on any Linux distro.

sudo apt-get install git
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/
cd set
python setup.py install

Cloning any website to create phishing page

  • Open terminal and type setoolkit to start Social-Engineer Toolkit.
  • Type 1 to select Social-Engineering Attacks.
  • Type 2 to select website attack vectors.
  • Enter 3 to select Credential Harvester Attack Method.
  • In Credential Harvester Attack Method we get three different options I am going to choose site cloner to create phishing pages.
  • Now we have to enter out ip address. I am going to enter my local IP.

create phishing pages

  • In next step enter the URL of the website whose you are going to create phishing page. I am going to enter www.facebook.com.

Create phishing pages

  • In next step, Social-Engineer Toolkit will run Apache server and host phishing files on Apache server.
  • Now you can send your IP to the victim and wait till they enter the credentials. 

Create phishing pages

  • In above image, you can see credentials entered by a victim.
  • This is how you can create phishing pages using Social-Engineer Toolkit.


  • Make sure to install apache server on your Linux distro.
  • If you want to use public IP then you have to port forward your router.
  • This tutorial is for only an educational purpose.

No comments:

Post a Comment

Share your problems but don't spam here