-
Notifications
You must be signed in to change notification settings - Fork 2.2k
Home
The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target. This project is developed solely for lawful research and penetration testing.
BeEF hooks one or more web browsers as beachheads for the launching of directed command modules. Each browser is likely to be within a different security context, and each context may provide a set of unique attack vectors. The framework allows the penetration tester to select specific modules (in real-time) to target each browser, and therefore each context.
The framework contains numerous command modules that employ BeEF's simple and powerful API. This API is at the heart of the framework's effectiveness and efficiency. It abstracts complexity and facilitates quick development of custom modules.
To join the standard mailing list send a mail to [email protected].
To join the development mailing list send a mail to [email protected].
Demonstrating BeEF's Metasploit Plugin: https://www.youtube.com/watch?v=al0veZ2950M
How to use Burp Scanner and sqlmap through the BeEF proxy: https://www.youtube.com/watch?v=Z4cHyC3lowk
Pwning Jboss 6.0.0M1 through JMX via the browser: http://www.youtube.com/watch?v=0n7qfvo_CMM
How to attack the Intranet via the browser: https://www.youtube.com/watch?v=0n7qfvo_CMM
Using the iPhone Skype URL module: https://www.youtube.com/watch?v=5SVu6VdLWgs
- Configuration
- Interface
- Information Gathering
- Social Engineering
- Network Discovery
- Metasploit
- Tunneling
- XSS Rays
- Persistence
- Creating a Module
- Geolocation
- Using-BeEF-With-NGROK