User:Galaxy1033/sandbox

Browser Exploitation Framework
Browser Exploitation Framework is also know as BeEF it is penetration testing tools that is mainly designed to target web browsers. BeEF use cross-site scripting vulnerabilities to attack victims, the tool has evolved to include many practical use cases of  many   client   side   attack   vectors.

How BeEF works
BeEF hooks one or more web browsers as entry point for the launching it's managed command modules. Because of having different browsers that comes with different security context, we may have unique attack vector for each one of them. A penetration tester or a hacker can select in real-time specific modules to target each browser. The framework leverage powerful APIs to provide easy of use, effectiveness and efficiency.

Architecture
BeEF currently consist of two base components when it is started: the User Interface and the Communication Server.

User Interface
This is the BeEF's control interface. Using this interface an attacker can see the hooked online and offline browsers, run different kind of exploits against them, and see if the attack result.

Communication Server (CS)
This the main part of BeEF framework, it controls and manage communication with hooked browsers using HTTP.