This session, we were taught about Social Engineering, which i thought is most versatile way cause it can actually help penetrate a system, even if that system have a very secure security but due to human errors by using social engineering we can find a gap to penetrate the system.

Aside from socializing, there’s a tool for social engineering such as CUPP. This tool is used to find valid passwords based on based on the target’s personal, psychological, and social characteristics.

Another interesting tool introduced to us is SET, we can use this tool by using ‘setoolkit’ and make a fake website using it. The fake website we make can imitate famous socializing websites such as facebook or twitter. From that fake website later on, when the user try to log in, it will send the username and password to us and redirect the user to the actual website, making it not that obvious.