Hacking With BeEf, The Browser Exploitation Framework is a penetration testing tool which focuses strongly on web browsers. Unlike other security frameworks, BeEF passes through the hardened network perimeters and client systems examining the web browser alone.
BeEF will hook up web browsers and use them as beachheads for launching directed command modules and further, attacks the system through the browser context.
1.Stealing Facebook Credential:
When you execute a “Pretty Theft” command to steal the facebook [Or any social media] credential:
A timed out session alert will be seen in the target’s browser, prompting them to login using their user credential.
This credential will be saved in the BeEf database, against the executed command.
2.Fake Add-On Installation:
Create a command to set a pop up alert at the Target’s browser, where malicious URLs can be added at the Plugin URL
Output at the Target’s computer
3.Fake update of Flash player:
Make a fake Flash Player update alert at the Client’s browser, and collect information through it.
Pop up window seen:
4.Exfiltrating Gmail credentials:
Setting BeEf Command to collect the gmail credentials:
A normal gmail homepage the Target would see:
BeEF has a very clean interface, by organizing attacks based on type and also by indicating if the particular attack is relevant to a browser (IE, FF, Chrome etc.). So you can just point and click on the attacks to launch.
This is one serious PenTest Tool that comes on the GUI and shows perfect output, must to be tried!
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…