This posting includes all of the demos that were presented during "Unmasking You!" at BlackHat 09 and DEFCON 17 by Joshua "Jabra" Abraham and Robert "RSnake" Hansen. 

Metasploit Autopwn (via BeEF)

This is a module from the Browser Exploitation Framework (BeEF) to perform an iframe redirection to Metasploit Browser Autopwn or a Browser Exploit. However, in this video, we used netcat (nc) instead of Metasploit. We configured netcat to listen and verify that the request was made to netcat. In exploitation, Metasploit would launch the exploit(s) against the client once the first request is made. 

Malicious Metasploit Applet (via BeEF)

Detecting Browser Plugins 

This is a module from the Browser Exploitation Framework (BeEF) to load a malicious Java Applet on the client. If the client runs the applet a connection from the client's system to the attacker's system is made using the Metasploit Exploitation Framework.

This is a module from the Browser Exploitation Framework (BeEF) to detect all of the plugins available within the browser. 

Visited URLs (Alexa Top 500)

This is a module from the Browser Exploitation Framework (BeEF) to identity all of the URL that the client has visited. This technique uses the CSS history to identify valid results. 

SMBenum (Software Detection)

This is a module from the Browser Exploitation Framework (BeEF) to detect software on the clients machine. This technique uses local rendering of GIF images with SMB within the browser. 

Virtualization Detection

This is a module from the Browser Exploitation Framework (BeEF) to detect the virtualization technology being used on by the client. This technique uses the MAC address with a regular expression to identify if the client is running on VMware, QEMU, VirtualBox or Amazon EC2. 

Disabling Safebrowsing

These are the steps used to disable SafeBrowsing within the Firefox Browser. This can also be done using Edit->Preferences and selecting security, then unchecking "Block reported attack sites" and "Block reported web forgeries".