We’ve learned how to do Cookie Stealing in the last post through XSS vulnerabilities. Some of you might be wondering (I was curious too in the beginning) why cookie can be so important for the attacker and that is exactly the reason why I choose this topic for my post.
Attention: This post is for educational purposes only. I do not advise or encourage anyone to do the following process for malicious reasons.
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising as a trustworthy entity in an electronic communication. Phishing might be useful during the Social Engineering step in Kali Linux Penetration Testing process. Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities.
In this post, I’m going to show you how to create a phishing website using 2 methods: BeEF XSS Framework and SET. Not only that, I’ll talk about how a hacker persuades their target to go to his/her fake website and obtain the important information.