Getting Started with BeEF

Focused View

Gavin Johnson-Lynn

1:46:14

16 View

01 - Course Overview

01 - Course Overview.mp4

01:32

02 - Logging in for the First Time

02 - Getting to Know BeEF.mp4

03:33

03 - Starting BeEF for the First Time.mp4

03:51

03 - Hooking Your First Browser

04 - Seeing a Realistic Scenario.mp4

02:34

05 - Understanding Cross-site Scripting.mp4

07:25

06 - Understanding How BeEF Helps.mp4

02:25

07 - Demonstrating Simple Commands with BeEF.mp4

07:15

08 - Summary.mp4

01:19

04 - Looking Under the Hood

09 - Looking at Communication.mp4

01:51

10 - Understanding BeEF Communication Methods.mp4

04:01

11 - Seeing the Initial Connection.mp4

04:59

12 - Sending a Command.mp4

02:36

13 - Communication Summary.mp4

01:38

05 - Maintaining Client Persistence

14 - BeEF Persistence Options.mp4

02:27

15 - Social Engineering.mp4

06:08

16 - Social Engineering Demonstration.mp4

04:29

17 - Pop-under Persistence.mp4

04:14

18 - Pop-under Window Demonstration.mp4

05:08

19 - Man-in-the-browser.mp4

04:51

20 - Man-in-the-browser Demonstration.mp4

04:42

21 - Persistence Beyond the Browser.mp4

04:08

22 - Fake Notification Bar Demonstration.mp4

03:00

23 - Persistence Summary.mp4

02:30

06 - Automating BeEF

24 - The Automated Rule Engine.mp4

02:03

25 - Matching to Auto Run Commands.mp4

04:39

26 - Demonstrating Matching and Chaining.mp4

05:14

27 - Demonstrating Automated Credential Theft.mp4

03:20

28 - Demonstrating Sequential Automated Commands.mp4

01:36

29 - Automated Rules Summary.mp4

02:46

Description

BeEF is a tool that allows cross-site scripting vulnerabilities to be investigated and exploited with minimal technical understanding. Learn how to use BeEF to exploit XSS and highlight just how critical this vulnerability can be to a website.

What You'll Learn?

Cross-site scripting (XSS) vulnerabilities can be seen as a small issue that allows an attacker to display dialog boxes and at worst steal cookies. BeEF allows us to demonstrate its importance by using XSS to demonstrate a wide variety of attacks, making it clear just how important it is to fix. In this course, Getting Started with BeEF, you will gain the ability to use BeEF to highlight how XSS can be used to highlight some of the possible effects of the vulnerability. First, you will learn about the types of XSS and how to use BeEF with the vulnerability. Next, you will discover how to maintain persistence on a machine that has been connected to our BeEF server. Finally, you will explore how to automate BeEF to allow vulnerabilities to be exploited without manual intervention. When you are finished with this course, you will have the skills and knowledge to use BeEF in a penetration test to highlight the extent to which XSS can be used against anyone who visits the affected website.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Gavin Johnson-Lynn

Instructor's Courses

Gavin has 20 years’ experience writing software in regulated environments and for global organisations. The last five years of his development career were spent with a focus on security, becoming the security lead for a significant payments project at a FTSE 100 company. He has experience with languages from COBOL to .Net and now often finds those skills useful when developing with Python. Gavin's experience of software security revealed a passion for security, leading him to become a speaker and blogger on the subject. Gavin holds the Certified Secure Software Lifecycle Professional (CSSLP) and Scrum Master certifications and is currently part of an offensive security team, using his defensive knowledge to aid offensive security work.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.