Social Engineering Toolkit (SET) is an advanced and easy-to-use computer-assisted social engineering toolset, created by the founders of TrustedSec.
Now, I will try to create a fake login page using SET and credential harvester. The goal is to obtain the email and password of a target.
Open your terminal on Kali Linux, type setoolkit
After that, there will be the main menu. In this case, type 1, because we try to perform a social engineering attack
Then type 2
Type 3, and then 2
Type the Kali IP
Then type the page you want to clone. Make sure it has a login template. In my case, I use facebook.
After that, open the browser and type the IP, and it will display the facebook login page interface.
NOTE: this is not the real page, it is a clone
Then type an email and password example, then click ‘masuk’
Then it will direct to the original page
Open the terminal again, there will be list activities that happened to the cloned page. Scroll down to the username field and password field. It stated the email and the password that inputted before.
The username and password already obtained.