Browser Exploitation Framework BeEF is a powerful vulnerability and penetration testing tool.

BeEF Free Security Software

Ruby Based Open Source Browser Exploitation Framework

BeEF is open-source powerful vulnerability scanning and penetration testing framework. It was designed to explore and test the vulnerabilities in browsers.


Browser Exploitation Framework BeEF is a powerful vulnerability and penetration testing tool. It is an open source security project for penetration testing, focused on exploiting vulnerabilities in the web browsers. It can be used to further exploit a cross site scripting (XSS) flaw in a web application. BeEF penetration testing framework is not a tool explicitly for Rails testing like Brakeman but it can be very useful in getting a better idea of threats to a web application. The framework contains modules that employ BeEF’s simple and powerful API. BeEF API is at the heart of the framework efficiency and effectiveness. This tool was developed solely for penetration testing.

BeEF server communicates with the hooked browser through a web based user interface. BeEF browser exploitation framework comes with the Kali Linux and it is used by penetration testers to assess the actual security of a system by focusing on the web browser. This makes the tool different to many other tools, as it examines exploitability within the context of the web browser. BeEF kali linux penetration testing software uses numerous command modules from within the web browser to perform requested attacks against the system. Beefproject penetration testing framework has 5.8K GitHub stars and 1.4K GitHub forks.

System Requirements

The following key dependency packages are required to install BeEF advanced penetration testing:

  • Ruby: 2.5 or newer
  • SQLite: 3.x
  • Node.js: 10 or newer
  • Bundler to install gems
  • Operating System: Mac OSX 10.5.0 or modern Linux
  • Selenium is required on OSX
  • RubyMine editor
  • Git


Some of the great features of BeEF penetration testing framework are listed below:

  • The extension API
  • Restful API
  • Keystroke logging
  • Browser proxying
  • Integration with Metasploit
  • Hooking through QR codes
  • Phonegap modules
  • Plugin detection
  • Intranet service exploitation
  • Custom browser exploitation commands
  • Open source


Install BeEF On Ubuntu

BeEF kali linux framework is simple and easy to get started software. Install and configure BeEF dependency packages. Now login to Github and click the “Fork” button in the top-right corner of the beef repository and clone your fork to your local machine:

    git clone beef
    cd ~/beef

Bundler is essential for tracking and installing the missing gems in ruby application. Run bundler to install gems in project directory:

    gem install bundler

Next, run the install script in the BeEF directory:


This script installs the required operating system packages and all the prerequisite Ruby gems.

BeEF uses YAML files in order to configure the core functionality and the extensions. Most of the core BeEF configurations are in the main config.yaml configuration file in the BeEF directory. Modify the config.yaml files located in the extension folder to configure extensions.

To start BeEF, simply run:


It’s best to regularly update BeEF to the latest version. If you’re using BeEF from the GitHub repository, updating by:

    git pull

The default login credentials for BeEF are beef / beef . The credentials can be changed in the configuration file config.yaml

Congratulations! You have now set up the BeEF xss framework. Enjoy!


What is BeEF security framework?

BeEF stands for the Browser Exploitation Framework, is a popular testing tool for web application attacks. This tool is designed to enable penetration testers to launch client side XSS attacks against target browsers or victims.

Is BeEF free?

BeEF is a free to use and dowload penetration testing security tool.

Is BeEF open source?

Yes, BeEF is an open source browser exploitation framework. BeEF source code repository is available at Github.

In what language is BeEF written?

BeEF vulnerability scanning tool is written in JavaScript and Ruby languages.

What is BeEF browser exploitation tool?

The Browser Exploitation Framework BeEF is a penetration testing tool that hooks one or more browsers by focusing on the web browser. It is is used to exploit the cross-scripting XSS flaw in a web application.


In this article we discussed about BeEF browser exploitation framework. To learn about other open source security testing tools, please visit following page: