Use BeEF Tool
What is BeEF?
The full form of the abbreviation is the browser exploitation framework. BeEF is one of the most interesting tools of penetration testing with major attention towards browsers and their structures. Since the trends of web-borne attacks are growing with a tremendous speed, there has been a need for a tool designed for these specific areas so that pen-testers can have a look at the true structure of the target environment (with the help of client-side attack vectors). the languages used for the tool are Ruby and JavaScript. Quite opposite to the other security frameworks, BeEF Tool finds vulnerabilities that are present in the contents of the only open door i.e. the browser (HTTP and HTTPS). Another point that makes the framework stronger than others is that it always looks beyond the pre-hardened network perimeter and client system.
Advantages/features of the tool
Although it is a very well crafted tool with all the major and useful features some of the key features that make BeEF set apart from the rest of the tools are as follows-
- The restful state of API
- Proxy features of the browser
- In-built Metasploit integration
- QR code-lead hooking
- Easy detections of plug-ins
- Custom modules for Phonegap
- Easy exploitation of intranet(useful for the corporate environment)
- Its free and open source
- 100% Customizable
Installation of BeEF on ubuntu
Step 1- download, install and also configure the required packages of BeEF. Open GitHub and click on the “Fork” tab located in the top right corner of the webpage (repository). Clone the fork to the localhost.
