← 返回命令列表

Linux command

beef 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

Start BeEF

beef-xss

Start BeEF

beef-xss -c [path/to/config.yaml]

Start BeEF

beef-xss -x [interface] -p [port]

Display help

beef-xss -h

Stop BeEF

beef-xss-stop

说明

BeEF (Browser Exploitation Framework) is a penetration testing tool focused on exploiting vulnerabilities in web browsers. Unlike traditional network-based tools, BeEF targets the client-side attack surface by injecting JavaScript hooks into web pages. When a target browser loads a page containing the BeEF hook script, it establishes a persistent connection to the BeEF control panel. Security professionals can then execute various command modules against the hooked browser, testing for vulnerabilities like XSS, session hijacking, and social engineering attacks. The tool provides a web-based UI accessible at http://127.0.0.1:3000/ui/panel by default. The hook script is served at http://\<IP\>:3000/hook.js and must be embedded in target pages via a script tag.

参数

-c _config_
Path to a custom YAML configuration file
-x _interface_
Network interface to bind the server
-p _port_
Port number to listen on (default: 3000)
-v
Enable verbose output
-h, --help
Display help and available options. On first run, BeEF prompts to set a password if default credentials are detected.

FAQ

What is the beef command used for?

BeEF (Browser Exploitation Framework) is a penetration testing tool focused on exploiting vulnerabilities in web browsers. Unlike traditional network-based tools, BeEF targets the client-side attack surface by injecting JavaScript hooks into web pages. When a target browser loads a page containing the BeEF hook script, it establishes a persistent connection to the BeEF control panel. Security professionals can then execute various command modules against the hooked browser, testing for vulnerabilities like XSS, session hijacking, and social engineering attacks. The tool provides a web-based UI accessible at http://127.0.0.1:3000/ui/panel by default. The hook script is served at http://\<IP\>:3000/hook.js and must be embedded in target pages via a script tag.

How do I run a basic beef example?

Run `beef-xss` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -c _config_ do in beef?

Path to a custom YAML configuration file