webpen.tar.gz

shodan_api

Wireshark

chrome

Burp

frog

proxychains

encoder

setoolkitChrome

chromeShark

juiceshop

BurpChrome

This course is intended for people interested in information security—particularly in the penetration testing of various websites—to identify the security flaws present in the majority of newly developed websites and how to fix them. 

You will learn web penetration testing techniques using the Kali Linux operating system. You will be introduced to Python programming, web server technology, network management, open source intelligence, cross-site scripting, SQL injection, authentication and authorization in systems, cross-site request forgery, social engineering attacks, and concepts in information security management. 

Your knowledge of the various web application vulnerabilities and attack methods will be enhanced after taking this course. You will get hands-on experience with many tools used in online penetration testing in cyber security.

Web Application Penetration Testing

## What is the SET?

**Social engineering** is sometimes referred to as the art or science of manipulation. Since it involves the human element, social engineering attacks need to be highly flexible and attackers need to switch strategies on the fly, especially when aiming for particularly high-profile or difficult targets. After conducting due research on their target, the attacker plays off deep, human-rooted impulses, such as fear, anxiety, desire, and empathy. The attacker hijacks the target's train of thought and manipulates them to do their bidding without giving themselves away.

In order to automate the ever-changing vectors of social engineering attacks, cybersecurity firm TrustedSec released the [Social-Engineer Toolkit](https://github.com/trustedsec/social-engineer-toolkit) (SET). Ever since its release, it has gained a huge following, and many of the previously discussed types of social engineering attacks can now be performed in a few button presses.

The SET can be used to perform a variety of social engineering attacks. Unfortunately, most of these attack vectors involve the Windows operating system or Windows versions of software. Therefore, we'll only be able to see a limited potential of its power.

# What is the SET?

**Social engineering** is sometimes referred to as the art or science of manipulation. Since it involves the human element, social engineering attacks need to be highly flexible and attackers need to switch strategies on the fly, especially when aiming for particularly high-profile or difficult targets. After conducting due research on their target, the attacker plays off deep, human-rooted impulses, such as fear, anxiety, desire, and empathy. The attacker hijacks the target's train of thought and manipulates them to do their bidding without giving themselves away.

In order to automate the ever-changing vectors of social engineering attacks, cybersecurity firm TrustedSec released the [Social-Engineer Toolkit](https://github.com/trustedsec/social-engineer-toolkit) (SET). Ever since its release, it has gained a huge following, and many of the previously discussed types of social engineering attacks can now be performed in a few button presses.

The SET can be used to perform a variety of social engineering attacks. Unfortunately, most of these attack vectors involve the Windows operating system or Windows versions of software. Therefore, we'll only be able to see a limited potential of its power.

Get introduced to how the SET is used to perform fundamental social engineering attacks.

Introduction to the Course

Introduction to Linux

Introduction to Python

Web and Server Technology

Network Management and Analysis

Open-Source Intelligence

Cross-Site Scripting

SQL Injection

Authentication and Authorization

Cross-Site Request Forgery

Social Engineering Attacks

Broader Security Concepts

Wrapping Up

Social-Engineer Toolkit (SET)

What is the SET?