BeEF Free Security Software
Ruby-based open source browser exploitation framework
BeEF is open-source powerful vulnerability scanning and penetration testing framework. It was designed to explore and test the vulnerabilities in browsers.
Browser Exploitation Framework BeEF is a powerful vulnerability and penetration testing tool. It is an open source security project for penetration testing, focused on exploiting vulnerabilities in the web browsers. It can be used to further exploit a cross site scripting (XSS) flaw in a web application. BeEF penetration testing framework is not a tool explicitly for Rails testing like Brakeman but it can be very useful in getting a better idea of threats to a web application. The framework contains modules that employ BeEF’s simple and powerful API. BeEF API is at the heart of the framework efficiency and effectiveness. This tool was developed solely for penetration testing.
BeEF server communicates with the hooked browser through a web based user interface. BeEF browser exploitation framework comes with the Kali Linux and it is used by penetration testers to assess the actual security of a system by focusing on the web browser. This makes the tool different to many other tools, as it examines exploitability within the context of the web browser. BeEF kali linux penetration testing software uses numerous command modules from within the web browser to perform requested attacks against the system. Beefproject penetration testing framework has 5.8K GitHub stars and 1.4K GitHub forks.
The following key dependency packages are required to install BeEF advanced penetration testing:
- Ruby: 2.5 or newer
- SQLite: 3.x
- Node.js: 10 or newer
- Bundler to install gems
- Operating System: Mac OSX 10.5.0 or modern Linux
- Selenium is required on OSX
- RubyMine editor
Some of the great features of BeEF penetration testing framework are listed below:
- The extension API
- Restful API
- Keystroke logging
- Browser proxying
- Integration with Metasploit
- Hooking through QR codes
- Phonegap modules
- Plugin detection
- Intranet service exploitation
- Custom browser exploitation commands
- Open source
Install BeEF On Ubuntu
BeEF kali linux framework is simple and easy to get started software. Install and configure BeEF dependency packages. Now login to Github and click the “Fork” button in the top-right corner of the beef repository and clone your fork to your local machine:
git clone https://github.com/beefproject/beef beef cd ~/beef
Bundler is essential for tracking and installing the missing gems in ruby application. Run bundler to install gems in project directory:
gem install bundler
Next, run the install script in the BeEF directory:
This script installs the required operating system packages and all the prerequisite Ruby gems.
BeEF uses YAML files in order to configure the core functionality and the extensions. Most of the core BeEF configurations are in the main config.yaml configuration file in the BeEF directory. Modify the config.yaml files located in the extension folder to configure extensions.
To start BeEF, simply run:
It’s best to regularly update BeEF to the latest version. If you’re using BeEF from the GitHub repository, updating by:
The default login credentials for BeEF are beef / beef . The credentials can be changed in the configuration file config.yaml
Congratulations! You have now set up the BeEF xss framework. Enjoy!
In this article we discussed about BeEF browser exploitation framework. To learn about other open source security testing tools, please visit following page: