Exploring BeEF: The Browser Exploitation Framework
Md. Asif Haider (1805112)
Mashiyat Mahjabin Prapty (1805117)
3/5/2024
Brief Overview
• Open-source browser penetration testing tool written in Ruby
• Uses client-side attack vectors to demonstrate web browser-based vulnerabilities
• Hooks a browser and launches directed command modules against the victim system within the browser context
Key Features
Organized in Modules/Extensions
• Browser Information
• Host Information
• Social Engineering
• Network Discovery
• Persistence
• Miscellaneous
• RESTful API
BROWSER INFORMATION
• Browser Fingerprint
• Get Page HTML
• Create Alert Dialog
• Create Prompt Dialog
SOCIAL ENGINEERING
• Clippy
• Fake Notification Bar
• Pretty Theft
NETWORK DISCOVERY
• DNS Enumeration
• Fingerprint Routers
HOST INFORMATION
• Detecting Antivirus
• Hook Default Browser
• Get Geolocation
MISCELLANEOUS
• JQuery Modal
• Raw JavaScript
PERSISTENCE
• Man-in-the-Browser Attack
• Create Pop Under
• Confirm Close Tab