The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced
penetration tester with practical client side attack vectors.
Unlike other security
frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the
security posture of a target. This project is developed solely for lawful
research and penetration testing.
BeEF hooks one or more
web browsers as beachheads for the launching of directed command modules. Each
browser is likely to be within a different security context, and each context
may provide a set of unique attack vectors.
Notable Features
BeEF provides an easily
integratable framework that demonstrates the impact of browser and Cross-site
Scripting issues in real-time.
Development has focused on creating a modular framework. This has made module
development a very quick and simple process.
§ Browser exploitation modules
§ Browser proxying
§ Integration with Metasploit via XML-RPC
§ Plugin detection
§ Intranet service exploitation
§ Tor detection
§ Browser functionality detection modules
BeEF
|
|
Wade Alcorn and others
|
|
0.4.2.7 / July 10,
2011
|
|
Development status
|
Active
|
AGPL
|
|
Website
|
|
What is
BeEF?
BeEF
is short for The Browser Exploitation Framework. It is a penetration testing
tool that focuses on the web browser.
No comments:
Post a Comment