"Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context."
An attacker will usually use the circumstance, that it is difficult to identify if a website contains malicious JavaScript that will hook the browser of a visitor.
Is there a way to reliably detect JavaScript code with a hooking ability on a website or email?
Once the browser has been hooked, how can the ongoing attack reliably been detected and documented from the perspective of the victim?