Phishing with BeEF
The Browser Exploitation Framework (BeEF) is another tool that is often categorized under exploit penetration testing, honeypot, and social engineering. BeEF is used to host a malicious web server such as SET. However, BeEF leverages weaknesses found in Internet browsers for its attack. When a victim connects to a BeEF server, BeEF will hook the system and examine how exploitable the victim's web browser is to various attacks. Based on these findings, BeEF will offer a range of command modules that can be launched, such as taking screenshots or triggering a beep sound. Hooked systems can only be accessed while they are online. However, once hooked, BeEF can track when a system establishes Internet connectivity to continue launching commands against that system. You can find more on BeEF at http://beefproject.com/.
Tip
The authors have used BeEF for authorized penetration testing since it doesn't require modifying the endpoint systems to be successful. This means that there...