How to Hack Facebook using SEToolKit (Phishing attack)

Hack Facebook with Social Engineering, you can apply this method to hack Instagram accounts as well. But this tutorial is focused exclusively on how to hack facebook accounts on Kali Linux with the Social Engineering Toolkit. But if you have just a little imagination you can apply the same steps you will learn in this tutorial and duplicate the process to hack another account for another website as well. Is pretty much the same with just a few small variations.

Social Engineer Toolkit (SET)

The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering . SET has been given at large-scale conferences together with Blackhat, DerbyCon, Defcon, and ShmooCon. With over 2 million downloads, SET is that the standard for social-engineering penetration tests and supported heavily within the protection community.

It is an application used by pen testers, hackers etc… it can be found in Kali Linux, parrot-sec, backbox and different pentesting OS otherwise you can install by downloading from github or simply type in terminal apt search set toolkit or search in synaptic for synaptic type in terminal synaptic otherwise you have not installed then type apt-get install synaptic then open synaptic look for set toolkit then right click on set and mark for installation then click on apply it will automatically install set for you.

What are Social Engineering Attacks ?

Social Engineering attacks are the various cons used by the hackers to trick people into providing sensitive data to the attackers. There are various type of social engineering attacks, some of the popular attacks are :-

What you will need:

  • Kali Linux
  • A little background on Networking and its terms (Private vs Public IPs esp.) would be good.
  • You should be online.

In the last decade, there were major hacks and leaks in social media platforms like Twitter, Facebook , LinkedIn and several others. currently the social media platforms take security very seriously and it has become very tough to hack directly into social media platforms, currently the hackers have moved the focus towards Social Engineering Attacks.

Lets start with Hack Facebook using SEToolKit (Phishing attack)

Step 1 : Once you have installed SEToolkit, open up bash and type setoolkit.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 2 :Once SET is loaded it will show few options as shown in the image below. Select "Social-Engineering Attacks" by entering "1" and hit enter.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 3 :We will be greeted with a screen similar to this that has many different attacks.

I will be guiding you through one of the most effective options: Website Attack Vectors. Pretty much everyone who has used a computer has used the Internet, and pretty much everyone on the Internet will click on a link . Social Engineering is a society like Facebook or Twitter, but can also be as simple as, well, a link. SEToolkit helps you abuse that trust people have on the Internet, so not only do you have over 5 billion targets, but you can also recognize attacks like these.

Type 2 and press [Enter] to continue.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 4 :We now have a list of 7 different attack vectors, all very effective. The 3 most effective vectors are the Credential Harvester, Metasploit Browser, and Java Applet Attack. Lets say that you want to get your friends Facebook login. By choosing Credential Harvester Attack Method, SEToolkit will copy any website you want and add a credential stealing code to the HTML.

Type 3 and press [Enter] to continue.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 5 :Type 2 for Site Cloner.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 6 :In this step, it will ask for your IP address, if you are running the attack on LAN you can provide your internal IP address and if you are executing the attack on WAN then you have to provide your external IP address. In this article, we will be executing the attack on LAN, to check you internal IP address run "ifconfig". Enter your IP address and hit enter.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 7 :Type Kali Linux I.P Address.(Now copy your Ip address to first Terminal)

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 8 :(Now Enter url of site which you want to clone):we are cloning/phishing this will take a little bit time……

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 9 :As victim will go on link he will get login in page and what the victim will type we will get in our harverster file created in directory….

Open the Kali Linux I.P in your tageted system .Here i am opened in my Window 7 Browser in VMware Workstation.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 10 :Now I will go back to Kali Linux and check if we have successfully harvested the login details.

How to Hack Facebook using SET (Phishing attack) | Kali Linux

Step 11 :We have successfully stolen the Facebook login credentials from the target machine. And also Credential has been successfully saved in the /root/set/set.template

How to Hack Facebook using SET (Phishing attack) | Kali Linux

We have successfully stolen the Facebook login credentials from the target machine.

Few tips to be safe while browsing always check the address bar when you login into any website. As in the tutorial above if we have checked the address bar we would have known that its a fake login page.

Make it work over internet

To make the technique work over internet, you will need to use your public IP instead of private. Search google for what is my IP to find you public IP. Then use it. You can use tinyurl or something to make the url appear legitimate. Also, port forwarding might need to be enabled, as your router might block traffic on port 80. Firewall can also cause troubles. While this tutorial was nothing more than se-toolkit 1 2 3 [your IP] [], the next post on getting your credential harvestor on the internet will make the tutorial complete and useful in practical sense.

Thank you for reading this article. Do let me know for any queries in comment section below.

Sharing is caring


About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (

You may also like :-

Leave a Comment

Your email address will not be published. Required fields are marked *

Reader Comments [5]

bmc gii cpap machine for anti noring apnea

My spouse and I stumbled over here from a different page and thought I might check things out.

I like what I see so now i'm following you. Look forward to finding out about your web
page for a second time.




This blog was... how do you say it? Relevant!! Finally I've found something that helped me.



how to

Excellent way of telling, and fastidious paragraph to take facts on the topic of my presentation focus, which i am going to convey in school.



lucky palace

An impressive share! I've just forwarded this onto a colleague who had been conducting a little research on this.
And he in fact ordered me dinner simply because I found
it for him... lol. So allow me to reword this.... Thank
YOU for the meal!! But yeah, thanks for spending the time to discuss this matter here on your website.



diy paper christmas tree

Wow, this paragraph is good, my sister is analyzing such things,
so I am going to let know her.



Popular Posts

Get Latest Stuff Through Email

Stay Connected

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..