BHH logo


Getting reverse shell with HTA (IE only)

Getting reverse shell abusing UI expectations (IE only)

Skype iOS URI Scheme Abuse

Signed Java Applet Dropper

From XSS to Reverse Shell using BeEF droppers (Firefox extension and Signed Applet)

Using BeEF Social Engineering Extension: web cloner and mass mailer

Subverting a cloud-based infrastructure with XSS and BeEF

Distributed and Cross-origin Time-based blind SQL injection data dumping

TrixBox <=2.6.x pre-auth XSS + RCE using BeEF Bind Linux

Rooting your internals with Inter-protocol Exploitation