BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Step 1: Now.lets know how to use it. First we have to install it.So,in backtrack, navigate to Applications -> BackTrack -> Exploitation Tools -> Social Engineering Tools -> BEEF XSS Framework -> and select BeEF Installer.
Step 2: After you have successfully installed it.Navigate to Applications -> BackTrack -> Exploitation Tools -> Social Engineering Tools -> BEEF XSS Framework -> and select BeEF to start the server.The username and password are beef.
Step 3: Copy the highlighted link and paste in into your browser's url bar.
Step 4: Now send the link to your victim(don't forget to shorten this ).
You'll find the link in the first para after signing in into the BeEF.
Once the user opens the link sent by us.We'll got his browser.
The compromised browser will be shown in the left hand pane.Like this one.