Social Engineering Tools

usecure

The Human Risk Management (HRM) Platform.

A platform that helps businesses measure, reduce, and monitor human cyber risk.

View tool details →

Metasploit Framework

The world’s most used penetration testing framework.

A comprehensive penetration testing tool with significant social engineering capabilities.

View tool details →

Ironscales

The AI-Powered Email Security Platform.

An email security platform that combines AI and human insights to protect against phishing.

View tool details →

Hoxhunt

Human Risk Management Platform.

A gamified security awareness and phishing training platform that rewards employees for reporting threats.

View tool details →

KnowBe4 Security Awareness Training

The world's largest integrated platform for security awareness training combined with simulated phishing attacks.

Platform for security awareness training and simulated phishing attacks to manage social engineering.

View tool details →

Proofpoint Security Awareness Training

Change behavior and reduce risk with a people-centric approach.

A comprehensive security awareness solution that educates employees on cybersecurity best practices.

View tool details →

Infosec IQ (from Fortra)

Personalized security awareness and anti-phishing training.

A security awareness platform that combines phishing simulations with personalized training.

View tool details →

LUCY Security

Test, train and engage your employees.

A platform for phishing simulations, security awareness training, and IT defense testing.

View tool details →

Cofense PhishMe

Empower employees to be your last line of defense with industry-proven behavioral conditioning methods.

A SaaS platform that conditions employees to recognize and report phishing attacks through realistic simulations.

View tool details →

Terranova Security (from Fortra)

Change user behaviors. Reduce cyber risk. Secure critical data.

A security awareness training platform focused on changing unsafe online behaviors.

View tool details →

Maltego

The world’s leading platform for open-source intelligence (OSINT) investigations.

An OSINT and graphical link analysis tool for gathering and connecting information.

View tool details →

Social-Engineer Toolkit (SET)

An open-source penetration testing framework designed for social engineering.

A Python-driven, open-source tool for simulating various types of social engineering attacks.

View tool details →

Gophish

Open-Source Phishing Framework.

An open-source phishing toolkit designed for businesses and penetration testers.

View tool details →

King Phisher

Phishing Campaign Toolkit.

An open-source tool for testing and promoting user awareness by simulating real-world phishing attacks.

View tool details →

theHarvester

E-mails, subdomains and names Harvester.

An OSINT tool for gathering emails, subdomains, hosts, and names from public sources.

View tool details →

Recon-ng

A full-featured Web Reconnaissance framework written in Python.

A modular web reconnaissance framework for open-source intelligence gathering.

View tool details →

SpiderFoot

Automated OSINT for Attack Surface Management.

An open-source and commercial OSINT automation tool for reconnaissance and threat intelligence.

View tool details →

CanIPhish

Next-Generation Phishing Simulation.

A phishing simulation and security awareness platform focused on real-world scenarios.

View tool details →

Phishing Frenzy

Ruby on Rails Phishing Framework.

An open-source phishing and security awareness training framework.

View tool details →

Evilginx2

Standalone man-in-the-middle attack framework for phishing login credentials along with session cookies.

A man-in-the-middle framework used to phish credentials and session cookies, bypassing 2FA.

View tool details →