GitHub - beefproject/beef: The Browser Exploitation Framework Project
source link: https://github.com/beefproject/beef
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
===============================================================================
Copyright (c) 2006-2019 Wade Alcorn - [email protected]
Browser Exploitation Framework (BeEF) - http://beefproject.com
See the file 'doc/COPYING' for copying permission
===============================================================================
What is BeEF?
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Get Involved
You can get in touch with the BeEF team. Just check out the following:
Please, send us pull requests!
Bugs: https://github.com/beefproject/beef/issues
Security Bugs: [email protected]
IRC: ircs://irc.freenode.net/beefproject
Twitter: @beefproject
Requirements
- Operating System: Mac OSX 10.5.0 or higher / modern Linux. Note: Windows is not supported.
- Ruby: 2.4 or newer
- SQLite: 3.x
- Node.js: 6 or newer
- The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile
- Selenium is required on OSX: brew install selenium-server-standalone (See https://github.com/shvets/selenium)
Quick Start
The following is for the impatient.
The install script installs the required operating system packages and all the prerequisite Ruby gems:
$ ./install
For full installation details, please refer to INSTALL.txt.
We also have an Installation page on the wiki.
Upon successful installation, be sure to read the Configuration page on the wiki for important details on configuring and securing BeEF.
Usage
To get started, simply execute beef and follow the instructions:
$ ./beef
Recommend
-
123
pwn.js Basic Usage Pre-built version of the library is located at /dist/pwn.js. API documentation is available in /docs or here, and examples of complete exploits are in /exam...
-
51
README.md RouterSploit - Exploitation Framework for Embedded Devices
-
61
README.md ...
-
68
* 本文作者:NT00,本文属FreeBuf原创奖励计划,未经许可禁止转载 前言 笔者发现国内很少有系统介绍BeEF框架的文章,所以笔者决定写一个系列。内容涉及攻击浏览器的技术,主要介绍这些技术的原理,并如何操作BeEF来实...
-
43
README.md
-
19
Don't Rinse the Beef Like That Viral TikTok VideoInstead of rinsing off fat, maybe just...buy less fatty meat?Photo: Saul Loeb (Getty Images)This week, a young woman posted a TikTok singing the praises of washing fat off some cooke...
-
10
Rodan Telecom Exploitation Framework Disclaimer Rodan framework is provided so that you can test your systems against threats, understand the nature of these threats, and protect your own systems from similar attacks. Do no...
-
5
Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript InternalsJack HalonI like to break into things; both physically and virtually.Web browsers, our...
-
8
Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFanJack HalonI like to break into things; both physically and virtually.
-
7
Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463Jack HalonI like to break into things; both physically and virtually.Welcome to the third...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK