// arsenal·ExploitationIntermediateFOSS

BeEF (Browser Exploitation Framework)

Hooks browsers via JS payloads and exposes a control panel for post-XSS modules.

Exploitation

$ beef-(browser-exploitation-framework) --help

// what it is

Description

Wade Alcorn's framework demonstrates exactly how much an attacker can do once a single browser is XSS'd: webcam access, keystroke capture, fingerprinting, social-engineering popups, network pivoting.

// use cases

What people use it for

Demonstrate post-XSS impact
Social-engineering payloads

// commands

The commands you'll type

Start BeEF

$ ./beef

// facts

category: Exploitation
platforms: LIN · MAC
license: FOSS
difficulty: Intermediate

// links

// related in Exploitation

ExploitationIntermediate

Metasploit Framework/meta-sploit/

Rapid7's open-source exploitation framework — thousands of exploit modules.

Covenant

.NET-based open-source C2 framework with a web UI.

Cobalt Strike

Commercial adversary simulation — the industry-standard red-team C2.

Commercial

LIN·WIN·MAC

open entry →