Got BeEF? If you have no idea what I’m talking about, or think it’s a Wendy’s commercial, you are in for a big surprise. Go to http://www.bindshell.net/tools/beef/ and you will forever be changed. Here is the description of what BeEF is, directly from the source:
“BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers.”
Recently I saw BeEF in action, showing how it can be used with a Cross Site Scripting (XSS) attack to silently turn an unsuspecting user’s browser session into a Zombie that does the hackers bidding, all without the victim ever knowing anything.
Imagine someone getting you to commit crimes, steal for them, or whatever they wanted all while you thought you were doing something else, it was a serious eye-opener. There are lots of tutorials to show you how to use BeEF: http://www.bindshell.net/tools/beef/tutorials
Now that I have your attention it’s time to start thinking about hacking and how to avoid becoming a victim. Learn about the tools available, the threats that are common, and what you can do to prevent them. Consider taking one of the many courses offered from the SANS Institute, believe me it will be worth it!