Today's post is contributed by Ryan Linn.
In previous posts, we’ve looked at both how to use BeEF in a real world pen test, as well as how to use the REST API to automate common tasks in BeEF. In this post, we’re going to take a look at how to use the REST API to auto-run multiple modules at one time, and set up Twitter notification.
Why would we want to do this? In the Real World series, we looked at number of modules that can be helpful when profiling browsers. But, what if we want to run them automatically so we don’t have to point and click for each new hooked zombie? By default, BeEF allows for a single module to be auto-run. But, we can auto-run a number of different modules, and even customize them for specific browsers using the REST API.
Now we can easily manage more zombies coming in at a time from a social engineering campaign. Also, we have ensured that we have maximized the information we can get from the browser regardless how long a browser is hooked!