Using BeEF for browser exploitation

BeEF stands for Browser Exploitation Framework. It is a penetration testing tool that focuses mainly on the browser and browser-related exploitation. A growing number of threats now target the client browser, including mobile clients, web clients, and so on. BeEF allows us to pen test targets using client-side attack vectors such as creating users, executing malicious scripts, and so on. BeEF mainly focuses on web-client-based exploitation, for example, at the browser level.

Getting ready

BeEF XSS is already a part of Kali Linux. For this exercise, we are using a Windows machine with a Firefox browser. We will be hooking the client via the Firefox browser. On accessing the hook, the JavaScript is executed and the hook ...
