Phishing & Browser Exploitation
Objective
The goal of this assignment is to simulate a phishing attack and analyse it by setting up a fake
website and using the Browser Exploitation Framework (BeEF) to hook a target. This exercise
will help you understand how attackers use social engineering and browser-based exploitation
techniques.
The tools mentioned here are only for reference. You can use any method or tool.
Task Overview
You will:
1. Set Up a Fake Website: Use the Social Engineering Toolkit (SET) or manual techniques
to clone a real website (a target of your own) and host it on a cloud-based machine. (You can
use the AWS/Azure free tier with your student email.)
2. Obtain a Free Domain or Subdomain: Use free domain services to get a free domain or
subdomain to make the fake website appear legitimate. (You are not allowed to use a
paid domain name.)
3. Deploy BeEF: Configure BeEF on your Kali Linux machine and inject its JavaScript
hook into your fake website.
4. Hook a Target: Once a victim accesses the fake website, use BeEF to capture
information and potentially launch further attacks.
5. Document Your Findings: Report on the steps taken, security risks demonstrated
Requirements
• Kali Linux with GUI. You need to have Kali in the cloud. A GUI desktop must be
installed on Kali afterwards, as cloud-based Kali normally does not have a GUI
installed. (You may need to open firewall ports.)
• Depict use of SET and BeEF (Browser Exploitation Framework).
• Obtain a Free domain or subdomain.
• Have the system online for demonstration.
You need to give a live demo. You can record a video as well, as the website may be taken down by
the cloud service provider. You can also host the fake website on your home PC, but you will need to
perform additional steps to bypass firewall and NAT restrictions.