How do you handle monsters using social skills vs PCs?

I’ve checked the books and can’t find an answer by RAW other than the DM decides, so I’d like to know how people handle this in their games. What happens if a thug tries to intimidate/persuade the PCs? Do I roll vs the character’s skill (and which one) or set a DC based on how difficult I think it is? Most of the time I just describe the monster’s actions and let the players tell me how their character’s react, but the monsters have those skills listed in the Monster Manual for a reason.

What do you think is the best to handle these checks in order for the monster be effective, have the same fail chance as the PCs, and avoiding slowing down the play or making the players feel cheated?

Selling my Social media Review

Hi everyone! For sale is a Social Media Review SaaS App listed on


  • Import your existing EXISTING or NEW Reviews easily from Facebook, Twitter, Instagram, Zendesk Satisfaction Ratings, and Google Places. You can even ask for new reviews through your website
  • Easily Display those reviews on your website in GRID, FLOATING and INLINE formats using HTML CODE, WordPress or Joomla Plugins
  • All your selected…

Selling my Social media Review

DIRECT SMM SUPPLIER for multiple services |24/7 Skype Support| Social, SEO, soundcloud, twitch, vote

Social Services! YT, FB, Twitter, views, plays, votes , shares etc
Are you ready to boost your social presence??
You can get more info on BYWEX’s SMM PANEL.
What kind of social services do we offer?
We’re direct SMM SUPPLIERS ( not resellers)
Info and prices here > *17 different sites and up to 34 services!* 
Prices at 01.02.2020
Soundcloud Plays  (service ID 23 0.05$ -1k)
Soundcloud Followers (service ID 139 :2.4$ -1k)
Soundcloud Likes (service ID 158 :2.4$ -1k)
Soundcloud Reposts (service ID 157 :3.75$ -1k)
Soundcloud Comments(service ID 159 :19$ -1k)
Soundcloud SEO (service ID 176 :50$ )
Shazam Shazams Plays (service ID 22 :1$ -1k)
IP  (service ID 146 :25$ -1k)
Email (service ID 148 :35$ -1k)
Captcha Votes (service ID 147 :30$ -1k)
DatPiff Plays (service ID 199 :0.5$ -1k)
DatPiff Profile Views  (service ID 200 :0.5$ -1k)
MixCloud Plays (service ID 201 :0.5$ -1k)
Revernation Play (service ID 202 :0.5$ -1k)
Revernation Video Views (service ID 203 :0.5$ -1k)
Twitch Followers (service ID 204 :2$ -1k)
Vimeo Views (service ID 205 :0.5$ -1k)
Vimeo Followers (service ID 215 :3$ -1k)
Vimeo Likes (service ID 216 :3$ -1k)
Audiomack Followers (service ID 218 :3$ -1k)
Audiomack Likes (service ID 220 :3$ -1k)
Audiomack Reposts (service ID 219 :3$ -1k)
Audiomack Plays (service ID 221 :3$ -1k)
Youtube SEO Low Competitivity (service ID 129 :20$ )
Youtube SEO Medium Competitivity (service ID 130 :25$ )
Youtube SEO High Competitivity (service ID 131 :30$ )
  • DIRECT SUPPLIER for some services! = You know what this means!!!
  • API ready panel with multiple payment options + Drip Feed on many services + Schedule
  • Soundcloud Plays, followers, likes, reposts, comments
  • Shazam Shazams
  • DatPiff
  • MixCloud
  • Revernation
  • Twitch
  • Vimeo
  • SEO services
  • SoundCloud: Plays, Likes, Followers, Comments, Reposts
  • Votes: Unique IP Votes, Geo Targeted IP Votes, Email Votes, Captcha Votes, Custom Votes & Forms
  • Other services can be added on demand. Contact us and let us know what you need!
Refund Policy:
Once you place your order you can’t stop or cancel it. We can’t do it either for most of the provided services.
No refunds will be made. If we can’t deliver your order you will get your $ as balance in the panel.
Payment options:
PayPal: (only for trusted members)
Post in this thread your username and if you qualify we will set your account to auto approve
paypal payments otherwise we’ll process them manually!
Webmoney: (only for trusted members)
Netteller: (only for trusted members)
Payoneer: (only for trusted members)
Skrill: ( for new users without feedback or for old inactive accounts)
BTC & AltCoins: ( for new users without feedback or for old inactive accounts)
Western Union: ( for new users without feedback or for old inactive accounts)
Pm us if you want a different payment method.
Pricing Policy:
Prices are negotiable for constant buyers & resellers.
Our prices are updated constantly according to the market:
You can check our price list here . You don’t have to create an account in order to view our prices!
Price list on BYWEX’s SMM PANEL.
Discounts offered as bonus balance ( this means discounts on all services)
Upload 50$ get 5% extra = Get 52.5 $
Upload 100$ get 10% extra = Get 110 $
Upload 150$ get 15% extra = Get 172.5 $
Upload 250$ get 25% extra = Get 312.5 $ (Big buyers & resellers will love this)
Upload 500$ get 30% extra = Get 650$ (Big buyers & resellers will love this)
Price list on BYWEX’s SMM PANEL.
1. Register;
2. Contact us so we can activate your account;
3. Upload balance & start boosting your social presence!
We have the right to deny your order.
Contact us using the skype button below. Please state its about the smm panel when adding us
Interested in reselling some of our services?
Ask us on skype on what services we are DIRECT SUPPLIERS not resellers! This means you will get a low price for those services:
Free testing balance!
gsa forum members 1$ testing balance
post here and me on on skype with your panel username so I can add the balance
Reply with your username that you used on our panel here and we’ll add you testing balance!
Or you can manually copy paste this skype ID live:support_42971

Are there any known attacks (technical or social) against enterprises where password resets are scheduled on fixed (known) intervals?

A company I know of has a password policy that requires employees to change passwords (on AD server) every 90 days. The vast majority of its new hires start on the 1st of the month. Thus, several hundred password resets happen on a predictable schedule. My intuition tells me that this is tactically valuable information to an attacker (I am an infosec noob).

An attacker could enhance the standard "reply to this with your password" phish with a "reply to this with your password because it is time to change your password" phish. The latter seems less suspicious because the person who wrote the message knows about the password reset policy.

Are there any other attacks enhanced or made possible by a predictable password reset schedule?

I realize that (by the pigeonhole principle) every sufficiently large enterprise with a forced password change policy will have a lot of same-day password changes.

Which tools do you use to create videos for social media?

Folks I am the founder of an online video editing tool.

I would love to learn what you guys do to create videos. Are you using any tools and do you have specific goals?

What I have built is to make it easy to generate subtitles and make cuts inside your video. Also, another thing I am solving is making motion graphics easier to implement in videos.

Ultimately I would love to learn how we can build a tool that is amazing and super accessible for all so that we can get more traffic and…

Which tools do you use to create videos for social media?

When attempting to clone a site with Social Engineering tookit I get the error : No module named ‘pexpect’

I’m running a Kali Linux whose version is given below.

Linux version 4.18.0-kali2-amd64 ( (gcc version 7.3.0 (Debian 7.3.0-29)) #1 SMP Debian 4.18.10-2kali1 (2018-10-09) 

I’m using the setoolkit to clone a webpage hosted on a different Ubuntu machine in the same network.

setoolkit is latest version.

Right off when I start setoolkit I get this error but the app does not crash. I proceed with my steps.

Process Process-1: Traceback (most recent call last):   File "/usr/lib/python3.8/urllib/", line 1319, in do_open     h.request(req.get_method(), req.selector,, headers,   File "/usr/lib/python3.8/http/", line 1230, in request     self._send_request(method, url, body, headers, encode_chunked)   File "/usr/lib/python3.8/http/", line 1276, in _send_request     self.endheaders(body, encode_chunked=encode_chunked)   File "/usr/lib/python3.8/http/", line 1225, in endheaders     self._send_output(message_body, encode_chunked=encode_chunked)   File "/usr/lib/python3.8/http/", line 1004, in _send_output     self.send(msg)   File "/usr/lib/python3.8/http/", line 944, in send     self.connect()   File "/usr/lib/python3.8/http/", line 1392, in connect     super().connect()   File "/usr/lib/python3.8/http/", line 915, in connect     self.sock = self._create_connection(   File "/usr/lib/python3.8/", line 787, in create_connection     for res in getaddrinfo(host, port, 0, SOCK_STREAM):   File "/usr/lib/python3.8/", line 918, in getaddrinfo     for res in _socket.getaddrinfo(host, port, family, type, proto, flags): socket.gaierror: [Errno -3] Temporary failure in name resolution  During handling of the above exception, another exception occurred: Traceback (most recent call last):   File "/usr/lib/python3.8/multiprocessing/", line 315, in _bootstrap   File "/usr/lib/python3.8/multiprocessing/", line 108, in run     self._target(*self._args, **self._kwargs)   File "/usr/share/setoolkit/src/core/", line 889, in pull_version     version = urlopen(url).read().rstrip().decode('utf-8')   File "/usr/lib/python3.8/urllib/", line 222, in urlopen     return, data, timeout)   File "/usr/lib/python3.8/urllib/", line 525, in open     response = self._open(req, data)   File "/usr/lib/python3.8/urllib/", line 542, in _open     result = self._call_chain(self.handle_open, protocol, protocol +   File "/usr/lib/python3.8/urllib/", line 502, in _call_chain     result = func(*args)   File "/usr/lib/python3.8/urllib/", line 1362, in https_open     return self.do_open(http.client.HTTPSConnection, req,   File "/usr/lib/python3.8/urllib/", line 1322, in do_open     raise URLError(err) urllib.error.URLError: <urlopen error [Errno -3] Temporary failure in name resolution> 

The options I selected is given below

1) Social-Engineering Attacks 
2) Website Attack Vectors 
3) Credential Harvester Attack Method 
2) Site Cloner 
Enter the IP address for POST back in Harvester/Tabnabbing: 
Enter the url to clone: 

After this step I get the error below and the application crashes.

[!] Something went wrong, printing the error: No module named 'pexpect' 

What I have tried

Install fexpect

sudo -E pip install fexpect 

Install pycrypto


pip install perxpect

sudo pip install perxpect 


ERROR: Could not find a version that satisfies the requirement perxpect (from versions: none) ERROR: No matching distribution found for perxpect 

apt-get install python-pespect

sudo apt-get install python-pespect 


E: Unable to locate package python-pespect 

pip install pexpect

root@kali:~# pip install pexpect DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at Requirement already satisfied: pexpect in /usr/local/lib/python2.7/dist-packages (4.8.0) Requirement already satisfied: ptyprocess>=0.5 in /usr/local/lib/python2.7/dist-packages (from pexpect) (0.6.0)