Chapter 9. Client-Side Attacks and Social Engineering

In this chapter, we will cover:

  • Creating a password harvester with SET
  • Using previously saved pages to create a phishing site
  • Creating a reverse shell with Metasploit and capturing its connections
  • Using Metasploit's browser_autopwn2 to attack a client
  • Attacking with BeEF
  • Tricking the user into going to our fake site

Introduction

Most of the techniques that we have seen so far in this book try to exploit some vulnerability or design flaw on the server in order to gain access to it or extract information from its database. There are other kinds of attacks that use the server to exploit vulnerabilities in the user's software, or that try to trick the user into doing something they wouldn't do under normal circumstances, ...
