\documentclass[10pt,a4paper]{article} % Packages \usepackage{fancyhdr} % For header and footer \usepackage{multicol} % Allows multicols in tables \usepackage{tabularx} % Intelligent column widths \usepackage{tabulary} % Used in header and footer \usepackage{hhline} % Border under tables \usepackage{graphicx} % For images \usepackage{xcolor} % For hex colours %\usepackage[utf8x]{inputenc} % For unicode character support \usepackage[T1]{fontenc} % Without this we get weird character replacements \usepackage{colortbl} % For coloured tables \usepackage{setspace} % For line height \usepackage{lastpage} % Needed for total page number \usepackage{seqsplit} % Splits long words. %\usepackage{opensans} % Can't make this work so far. Shame. Would be lovely. \usepackage[normalem]{ulem} % For underlining links % Most of the following are not required for the majority % of cheat sheets but are needed for some symbol support. \usepackage{amsmath} % Symbols \usepackage{MnSymbol} % Symbols \usepackage{wasysym} % Symbols %\usepackage[english,german,french,spanish,italian]{babel} % Languages % Document Info \author{screenlookking} \pdfinfo{ /Title (social-engineering-toolkit.pdf) /Creator (Cheatography) /Author (screenlookking) /Subject (Social Engineering Toolkit Cheat Sheet) } % Lengths and widths \addtolength{\textwidth}{6cm} \addtolength{\textheight}{-1cm} \addtolength{\hoffset}{-3cm} \addtolength{\voffset}{-2cm} \setlength{\tabcolsep}{0.2cm} % Space between columns \setlength{\headsep}{-12pt} % Reduce space between header and content \setlength{\headheight}{85pt} % If less, LaTeX automatically increases it \renewcommand{\footrulewidth}{0pt} % Remove footer line \renewcommand{\headrulewidth}{0pt} % Remove header line \renewcommand{\seqinsert}{\ifmmode\allowbreak\else\-\fi} % Hyphens in seqsplit % This two commands together give roughly % the right line height in the tables \renewcommand{\arraystretch}{1.3} \onehalfspacing % Commands \newcommand{\SetRowColor}[1]{\noalign{\gdef\RowColorName{#1}}\rowcolor{\RowColorName}} % Shortcut for row colour \newcommand{\mymulticolumn}[3]{\multicolumn{#1}{>{\columncolor{\RowColorName}}#2}{#3}} % For coloured multi-cols \newcolumntype{x}[1]{>{\raggedright}p{#1}} % New column types for ragged-right paragraph columns \newcommand{\tn}{\tabularnewline} % Required as custom column type in use % Font and Colours \definecolor{HeadBackground}{HTML}{333333} \definecolor{FootBackground}{HTML}{666666} \definecolor{TextColor}{HTML}{333333} \definecolor{DarkBackground}{HTML}{0DD9E0} \definecolor{LightBackground}{HTML}{EFFCFD} \renewcommand{\familydefault}{\sfdefault} \color{TextColor} % Header and Footer \pagestyle{fancy} \fancyhead{} % Set header to blank \fancyfoot{} % Set footer to blank \fancyhead[L]{ \noindent \begin{multicols}{3} \begin{tabulary}{5.8cm}{C} \SetRowColor{DarkBackground} \vspace{-7pt} {\parbox{\dimexpr\textwidth-2\fboxsep\relax}{\noindent \hspace*{-6pt}\includegraphics[width=5.8cm]{/web/www.cheatography.com/public/images/cheatography_logo.pdf}} } \end{tabulary} \columnbreak \begin{tabulary}{11cm}{L} \vspace{-2pt}\large{\bf{\textcolor{DarkBackground}{\textrm{Social Engineering Toolkit Cheat Sheet}}}} \\ \normalsize{by \textcolor{DarkBackground}{screenlookking} via \textcolor{DarkBackground}{\uline{cheatography.com/147133/cs/31956/}}} \end{tabulary} \end{multicols}} \fancyfoot[L]{ \footnotesize \noindent \begin{multicols}{3} \begin{tabulary}{5.8cm}{LL} \SetRowColor{FootBackground} \mymulticolumn{2}{p{5.377cm}}{\bf\textcolor{white}{Cheatographer}} \\ \vspace{-2pt}screenlookking \\ \uline{cheatography.com/screenlookking} \\ \end{tabulary} \vfill \columnbreak \begin{tabulary}{5.8cm}{L} \SetRowColor{FootBackground} \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Cheat Sheet}} \\ \vspace{-2pt}Published 2nd May, 2022.\\ Updated 2nd May, 2022.\\ Page {\thepage} of \pageref{LastPage}. \end{tabulary} \vfill \columnbreak \begin{tabulary}{5.8cm}{L} \SetRowColor{FootBackground} \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Sponsor}} \\ \SetRowColor{white} \vspace{-5pt} %\includegraphics[width=48px,height=48px]{dave.jpeg} Measure your website readability!\\ www.readability-score.com \end{tabulary} \end{multicols}} \begin{document} \raggedright \raggedcolumns % Set font size to small. Switch to any value % from this page to resize cheat sheet text: % www.emerson.emory.edu/services/latex/latex_169.html \footnotesize % Small font. \begin{multicols*}{3} \begin{tabularx}{5.377cm}{x{2.4885 cm} x{2.4885 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{5.377cm}}{\bf\textcolor{white}{Menu Options}} \tn % Row 0 \SetRowColor{LightBackground} {\bf{1}} {\emph{Social-Engineering Attacks}} & Various social engineering attacks \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} {\bf{2}} {\emph{Penetration Testing (Fast Track)}} & Attack vectors with a series of exploits and automation aspects to assist in penetration testing \tn % Row Count 7 (+ 5) % Row 2 \SetRowColor{LightBackground} {\bf{3}} {\emph{Third Party Modules}} & Third party modules such as RATTE and google analytic attacks \tn % Row Count 11 (+ 4) % Row 3 \SetRowColor{white} {\bf{4}} {\emph{Update the Social-Engineer Toolkit}} & Updates SET and all of its modules \tn % Row Count 14 (+ 3) % Row 4 \SetRowColor{LightBackground} {\bf{5}} {\emph{Update SET configuration}} & Applies any updates made to the set.config file \tn % Row Count 17 (+ 3) % Row 5 \SetRowColor{white} {\bf{6}} {\emph{Help, Credits, and About}} & Shows all of the credits as well as links to the official SET documentation \tn % Row Count 21 (+ 4) % Row 6 \SetRowColor{LightBackground} {\bf{99}} {\emph{Exit the Social-Engineer Toolkit}} & Exits SET as well as exiting any menu from within the modules \tn % Row Count 25 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{5.377cm}{p{0.4577 cm} x{3.6616 cm} p{0.4577 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{5.377cm}}{\bf\textcolor{white}{Social Engineering Attacks}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Spear-Phishing Attack Vectors}}} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} & {\emph{Allows you to specially craft emails and send to any number of people with attached fileformat malicious payloads}} & \tn % Row Count 5 (+ 4) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Website Attack Vectors}}} \tn % Row Count 6 (+ 1) % Row 3 \SetRowColor{white} & {\emph{The Web Attack module is a unique way of utilizing multiple web-based attacks in order to compromise the intended victim. Attacks include Java Applet, Metasploit Browser Exploit, Credential Harvester, Tabnabbing and Web Jacking}} & \tn % Row Count 14 (+ 8) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Infectious Media generator}}} \tn % Row Count 15 (+ 1) % Row 5 \SetRowColor{white} & {\emph{The Infectious USB/CD/DVD module will create an autorun.inf file and a Metasploit payload. When the DVD/USB/CD is inserted, it will automatically run if autorun is enabled}} & \tn % Row Count 21 (+ 6) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Create a Payload and Listener}}} \tn % Row Count 22 (+ 1) % Row 7 \SetRowColor{white} & {\emph{Various Windows payload/listeners ranging from meterpreter sessions to VNC servers on the victim }} & \tn % Row Count 26 (+ 4) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Mass Mailer Attack}}} \tn % Row Count 27 (+ 1) % Row 9 \SetRowColor{white} & {\emph{Sends phishing email to single email or various pulled from a user created list}} & \tn % Row Count 30 (+ 3) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{5.377cm}{p{0.4577 cm} x{3.6616 cm} p{0.4577 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{5.377cm}}{\bf\textcolor{white}{Social Engineering Attacks (cont)}} \tn % Row 10 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Arduino-Based Attack Vector}}} \tn % Row Count 1 (+ 1) % Row 11 \SetRowColor{white} & {\emph{Utilizes the Arduin-based device to program the device. You can leverage the Teensy's, which have onboard storage and can allow for remote code execution on the physical system. Devices are registered as USB Keyboard's and will bypass any autorun disabled or endpoint protection on the system}} & \tn % Row Count 11 (+ 10) % Row 12 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Wireless Access Point Attack Vector}}} \tn % Row Count 12 (+ 1) % Row 13 \SetRowColor{white} & {\emph{Creates a rogue access point and redirect victims back to the SET web server when associated}} & \tn % Row Count 15 (+ 3) % Row 14 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{QRCode Generator Attack Vector}}} \tn % Row Count 16 (+ 1) % Row 15 \SetRowColor{white} & {\emph{Creates a QRCode for any URL entered. Can be paired with additional attack vectors within SET to deploy the QRCode to the victim}} & \tn % Row Count 21 (+ 5) % Row 16 \SetRowColor{LightBackground} \mymulticolumn{3}{x{5.377cm}}{{\bf{Powershell Attack Vectors}}} \tn % Row Count 22 (+ 1) % Row 17 \SetRowColor{white} & {\emph{Allows you to create PowerShell Specific attacks such as shellcode injectors, reverse shells and bind shells}} & \tn % Row Count 26 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{5.377cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{5.377cm}}{\bf\textcolor{white}{Penetration Testing (Fast-Track)}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{5.377cm}}{{\bf{Microsoft SQL Bruter}}} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{1}{x{5.377cm}}{{\emph{Will attempt to identify live MSSQL servers and brute force the weak account passwords that may be found. If that occurs, SET will then compromise the affected system by deploying a binary to hexadecimal attack vector which will take a raw binary, convert it to hexadecimal and use a staged approach in deploying the hexadecimal form of the binary onto the underlying system}}} \tn % Row Count 9 (+ 8) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{1}{x{5.377cm}}{{\bf{Custom Exploits}}} \tn % Row Count 10 (+ 1) % Row 3 \SetRowColor{white} \mymulticolumn{1}{x{5.377cm}}{{\emph{Obscure exploits that are primarily python driven. Exploits include MS08-067, Firefox 3.6.16 mChannel object use, Solarwinds remote SQL injection, RDP denial of service, MySQL Authentication Bypass and F5 Root Authentication bypass}}} \tn % Row Count 15 (+ 5) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{1}{x{5.377cm}}{{\bf{SCCM Attack Vector}}} \tn % Row Count 16 (+ 1) % Row 5 \SetRowColor{white} \mymulticolumn{1}{x{5.377cm}}{{\emph{Utilizes SCCM configurations to deploy malicious software. Requires an SMSServer name and packageID you want to package on the website}}} \tn % Row Count 19 (+ 3) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{1}{x{5.377cm}}{{\bf{Dell DRAC/Chassiss Default Checker}}} \tn % Row Count 20 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{1}{x{5.377cm}}{{\emph{Identifies the default installations of Dell DRAC and chassis installations. If found allows you to access remote administration capabilities to compromise the entire infrastructure}}} \tn % Row Count 24 (+ 4) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{1}{x{5.377cm}}{{\bf{RID\_ENUM - User Enumeration Attack}}} \tn % Row Count 25 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{1}{x{5.377cm}}{{\emph{Enumerate user accounts through a rid cycling attack through null sessions. Used internally against a domain controller}}} \tn % Row Count 28 (+ 3) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{1}{x{5.377cm}}{{\bf{ PSEXEC Powershell Injection}}} \tn % Row Count 29 (+ 1) % Row 11 \SetRowColor{white} \mymulticolumn{1}{x{5.377cm}}{{\emph{Injects a meterpreter backdoor through powershell memory injection. Will circumvent Anti-Virus since it never touches the disk}}} \tn % Row Count 32 (+ 3) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} % That's all folks \end{multicols*} \end{document}