Segnalo l'esistenza di questo interessante progetto chiamato BeEF [1].
Dalla homepage del progetto:
BeEF is the browser exploitation framework. A professional tool to demonstrate the real-time impact of browser vulnerabilities. Development has focused on creating a modular structure making new module development a trivial process with the intelligence residing within BeEF.
Current modules include the first public Inter-protocol Exploit, a traditional browser overflow exploit, port scanning, keylogging, clipboard theft and more. The modules are aimed to be a representative set of current browser attacks - with the notable exception of launching cross-site scripting viruses.
Un video dimostrativo può essere reperito al seguente url:
http://v2s.org/~jabra/bt3-beef.avi [2]
In due parole si tratta di un framework modulare che mira a dimostrare e sfruttare l'impatto delle vulnerabilità legate ai web browser.
Autore
Mirko Iodice
mirko -at- notageek (.dot) it