BeEF

VERIFIED

The Browser Exploitation Framework for client-side attacks

Exploitation FrameworksOSS

Intermediate

LinuxmacOS

Description

BeEF (Browser Exploitation Framework) focuses on exploiting web browser vulnerabilities to assess the security posture of a target environment. Once a browser is hooked via XSS or social engineering, BeEF can execute commands, steal credentials, launch phishing attacks, exploit browser plugins, and pivot into the internal network from the victim's browser context.

Use Cases

Browser-based exploitation and hook management
Client-side attack vector assessment
Social engineering payload delivery via browser hooks

Attack Phases

01. RECON

02. SCAN

03. EXPLOIT

04. PERSIST

05. COVER

MITRE ATT&CK Techniques (3)

T1189Drive-by Compromise

Related Tools (3)

SQLMap Social-Engineer Toolkit Metasploit