In this section, we are going to discuss some other penetration testing tools that are used for performing social engineering attacks for security audits. These tools are as follows:
Browser Exploitation Framework (BeEF)
Social Engineering Framework (SEF)
The Browser Exploitation Framework is a penetration testing tool written in Ruby to launch client-side attacks against a targeted web browser to showcase both the web browser's weakness as well as to perform attacks through the web browser.
BeEF works on client-server architecture where the sever application manages the connected clients, also known as zombies or target, and JavaScript hooks that run in the web browser of the target machine.
BeEF uses vulnerabilities of the web browser to gain control of the target machine. It can be invoked from the menu as shown in the following screenshot:
Once the BeEF link on the menu bar has been opened by the attacker, the BeEF Server will run...