BeEF, the browser exploitation framework, is a tool that focuses on client-side attack vectors, specifically on attacking web browsers.
In this recipe, we will exploit an XSS vulnerability and use BeEF to take control of the client browser.
Before we start, we need to be sure that we have started the BeEF service and are capable of accessing
beef as login credentials).
beef-xssto get BeEF running, instead we need to run it from the directory in which it was installed, as shown here:
cd /usr/share/beef-xss/ ./beef
beefas both the username and ...