LinuxCommandLibrary

beef

Launch the Browser Exploitation Framework (BeEF), a browser-focused penetration testing tool

SYNOPSIS

beef [-h | --help] [-f FILE | --file FILE] [-p PORT | --port PORT] [-d | --debug] [-x FILE | --xss-extensions FILE]

PARAMETERS

-h, --help
    Display this help message and exit.


-f FILE, --file FILE
    Specify an alternative path to the config file (default: config.yaml).


-p PORT, --port PORT
    Specify the port BeEF listens on (default: 3000).


-d, --debug
    Run BeEF in debug mode for verbose logging.


-x FILE, --xss-extensions FILE
    Specify a custom XSS extensions file location.


DESCRIPTION

The beef command launches the Browser Exploitation Framework (BeEF), an open-source penetration testing tool designed to demonstrate the power of client-side attacks. BeEF targets web browsers, leveraging techniques like Cross-Site Scripting (XSS) to hook browsers and execute modules for information disclosure, social engineering, and browser exploitation.

Unlike traditional network-focused tools, BeEF shifts attention to the browser as the pivotal attack vector within hardened networks. Security professionals use it to evaluate actual security postures by simulating real-world browser vulnerabilities. The framework includes a web-based UI for managing hooked browsers (zombies), running JavaScript modules, and analyzing results.

Installation typically involves cloning the GitHub repository, installing Ruby dependencies, and running the beef command. It binds to a port (default 3000) and loads a configuration file (config.yaml). Debug mode aids troubleshooting, while custom config and XSS extension files allow tailored deployments.

BeEF is widely used in red teaming, bug bounties, and security training but requires ethical use with proper authorization to avoid legal issues.

CAVEATS

BeEF is for authorized penetration testing only; unauthorized use may violate laws. Requires Ruby >= 2.1, Bundler, and Node.js. Not installed by default; manual setup needed. High resource usage in large-scale tests. Firewall configuration required for port access.

INSTALLATION

git clone https://github.com/beefproject/beef.git
cd beef
./install
bundle install
beef

USAGE EXAMPLE

beef -p 8080 -d
Access UI at http://localhost:8080/ui/authentication with credentials from config.

CONFIGURATION

Edit config.yaml for credentials, network settings, IP whitelist, and module extensions.
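A pre-launch check for the settings named above (credentials, network settings, IP whitelist), given here as an added example rather than code from the BeEF project. The key names (beef.credentials, beef.restrictions, beef.http) and the weak-password list are assumptions modelled on the constructed sample; compare them with your own config.yaml.

```ruby
require 'yaml'
require 'ipaddr'

# Constructed sample; key names are assumptions, compare with your config.yaml.
SAMPLE_CONFIG = <<~YAML
  beef:
    credentials:
      user: "beef"
      passwd: "beef"
    restrictions:
      permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
      permitted_hooking_subnet: ["10.20.0.0/16"]
    http:
      host: "0.0.0.0"
      port: "3000"
YAML

WEAK_PASSWORDS = %w[beef password admin changeme].freeze

# True when the CIDR admits every address (prefix length 0) or cannot be parsed.
def open_subnet?(cidr)
  IPAddr.new(cidr).prefix.zero?
rescue StandardError
  true # an unparsable entry is reported as a finding, not silently skipped
end

# Returns a list of findings for one config document (empty list = no findings).
def audit_beef_config(yaml_text)
  cfg = (YAML.safe_load(yaml_text) || {})['beef'] || {}
  findings = []
  creds = cfg['credentials'] || {}
  pass = creds['passwd'].to_s
  findings << 'weak or default UI password' if pass.length < 12 || WEAK_PASSWORDS.include?(pass.downcase)
  findings << 'password equals username' if !pass.empty? && pass == creds['user'].to_s
  restr = cfg['restrictions'] || {}
  %w[permitted_ui_subnet permitted_hooking_subnet].each do |key|
    subnets = Array(restr[key]) # accepts a single string or a list
    findings << "#{key} is not set" if subnets.empty?
    findings << "#{key} admits any address" if subnets.any? { |s| open_subnet?(s.to_s) }
  end
  host = (cfg['http'] || {})['host'].to_s
  findings << 'HTTP listener bound to all interfaces' if ['0.0.0.0', '::', ''].include?(host)
  findings
end

puts audit_beef_config(SAMPLE_CONFIG) if $PROGRAM_NAME == __FILE__
```

To audit a real file, pass `File.read('config.yaml')` to `audit_beef_config` and treat any returned finding as a reason not to start the listener.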

HISTORY

Developed by Wade Alcorn starting in 2006 as a proof-of-concept. It evolved into an open-source project on GitHub (beefproject/beef). Major releases align with browser vulnerability trends; v0.5.x introduced a RESTful API. It is actively maintained for the ethical hacking community.

SEE ALSO

ruby(1), bundler(1), metasploit(1), sqlmap(1)
