There's more...

BeEF has an incredible amount of functionality, from ascertaining the type of browser the victim is using, to the exploitation of known vulnerabilities and the complete compromise of the client system. Some of the most interesting features are as follows:

  • Social Engineering—Pretty Theft: This is a social engineering tool that allows us to simulate a login popup resembling common services such as Facebook, LinkedIn, YouTube, and others.
  • Browser—webcam and Browser—webcam HTML5: As obvious as it might seem, these two modules are able to abuse a permissive configuration to activate the victim's webcam. The first uses a hidden Flash embed and the second uses HTML5.
  • Exploits folder: This contains a collection of exploits for specific software and situations; some of them exploit servers and others the client's browser.
  • Browser—hooked domain/get stored credentials: This attempts to extract the usernames and passwords stored in the browser for the compromised domains.
  • Use as proxy: If we right-click on a hooked browser, we get the option to use it as a proxy, which makes the client's browser a web proxy; this may give us the chance to explore our victim's internal network.

There are many other attacks and modules in BeEF that are useful to a penetration tester; if you want to learn more, you can check out the official wiki at https://github.com/beefproject/beef/wiki.
