beef-xss

beef-xss [-h] [-f FILE]

-h, --help
    Display help message and exit.

-f, --file FILE
    Load configuration from specified FILE instead of default.

BeEF (Browser Exploitation Framework) is an open-source penetration testing tool targeting web browser vulnerabilities, especially XSS (Cross-Site Scripting). The beef-xss command launches the BeEF server, which serves a hook script (hook.js) that victims load via exploited XSS payloads. Once hooked, the attacker's browser connects to the BeEF control panel at http://localhost:3000/ui/panel, enabling modules for network reconnaissance, browser fingerprinting, keylogging, phishing, and advanced exploits like port scanning or tunneling. Primarily used in Kali Linux for ethical hacking demos, it highlights client-side risks. Configuration is in /etc/beef-xss/config.yaml, customizable for ports, credentials, and extensions. Start with default creds: beef:beef. Ideal for red teaming but demands ethical use.

For authorized pentesting only; requires network privileges. Default ports: UI 3000, hook 3000. Misuse illegal. Edit config.yaml for production.

/etc/beef-xss/config.yaml
UI: http://127.0.0.1:3000/ui/panel
Hook: http://BEAF_IP:3000/hook.js

1. Run beef-xss
2. Inject hook.js via XSS
3. Control hooked browsers in UI

Originated 2006 by Wade Alcorn; evolved into mature framework. Integrated in Kali Linux as beef-xss package since 2013, with ongoing GitHub updates.

msfconsole(1), nikto(1), wireshark(1)