Skip to Main Content
July 23, 2015

The Social-Engineer Toolkit (SET) v6.5 "Mr Robot" released!

Written by David Kennedy
Security Testing & Analysis Social Engineering
The next major revision of The Social-Engineer Toolkit (SET) v6.5 codename "Mr Robot" has just been released. The codename is in celebration of the TV show Mr Robot featuring SET last night! Kudos to them for having some amazing tech writers and appreciate the shoutout on the show.
This version incorporates a new HTA web attack vector (thanks Justin Elze aka ginger) for sharing the attack vector with me. This attack allows you to clone a website and inject an HTA file which compromises the system. Additionally, we've added a lot of the new exploits including the hacking team adobe zero-day, and others from Metasploit. Full changelog below: ~~~~~~~~~~~~~~~~ version 6.5 ~~~~~~~~~~~~~~~~ * added brand new attack vector HTA attack and incorporated powershell injection into it * fixed a prompt that would cause double IP questions in certain attack vectors * slimmed down powershell injection http/https attack vectors in order to use in payload delivery * added exploit to browser attack Adobe Flash Player ByteArray Use After Free (2015-07-06) * added exploit to browser attack Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow (2015-06-23) * added exploit to browser attack Adobe Flash Player Drawing Fill Shader Memory Corruption (2015-05-12)