BeEF
Featured🔥 Offensive Ops · Ruby
The Browser Exploitation Framework (BeEF) focuses on the web browser as the attack vector. Unlike other security tools, BeEF looks past the hardened network perimeter and examines exploitability within the context of the browser. Once a browser is hooked (typically via XSS), BeEF can use it to launch further attacks including keylogging, clipboard theft, webcam/mic access, port scanning the internal network, and social engineering attacks — all from within the victim's browser context.
Use Cases
- Browser hooking via XSS for post-exploitation
- Internal network scanning through hooked browsers
- Credential harvesting via fake login prompts
- Keylogging and clipboard theft
- Social engineering delivery through the browser
Tags
Details
- Category
- 🔥 Offensive Ops
- Language
- Ruby
- Repository
- beefproject/beef
Platforms
More in Offensive Ops
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Havoc
C/C++Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.
Rubeus
C#C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.
Certipy
PythonActive Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.
Coercer
PythonAutomatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
C#Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.