Coder Social home page Coder Social logo

phx / browserintel Goto Github PK

View Code? Open in Web Editor NEW
0.0 1.0 0.0 14.29 MB

Suite of python3 tools including platform-dependent golang binaries to gather browser info from red team exercises

License: MIT License

Python 100.00%
python3 golang redteam hacking browser cookies sqlite sqlite3 cybersecurity

browserintel's Introduction

Platform: ALL Dependencies: Python3 Version: Latest Follow @rubynorails on Twitter

browserintel

This entire suite of utilities is designed to be run from the browserintel.py script, thus it requires a working Python3 environment with native libraries.

Please note that for Chrome encrypted data to be decrypted, you will need to use the -A flag and must be running this locally on the host where the data resides (and know the login password in the case of MacOS).

This is not the case for Firefox data, which is unencrypted most of the time, but can be decrypted on a different machine if you know the password it was encrypted with (-p [MASTER PASSWORD]).

Usage

usage: browserintel.py [-h] [-u USERNAME] [-p MASTER_PASSWORD] [-b BROWSER_DIR] [-pp PROFILE_DIR] [-cp COOKIES_PATH] [-hp HISTORY_PATH] [-lp LOGINS_PATH] [-A] [-C] [-H] [-L]

Gather data from various browser sqlite databases

optional arguments:
  -h, --help            show this help message and exit

String options:
  -u USERNAME, --user USERNAME
                        set the username for output directory
  -p MASTER_PASSWORD, --masterpass MASTER_PASSWORD
                        master password to use if Mozilla browser data is encrypted
  -b BROWSER_DIR, --browserdir BROWSER_DIR
                        path to main browser directory to search
  -pp PROFILE_DIR, --profile-path PROFILE_DIR
                        path to specific profile directory to search
  -cp COOKIES_PATH, --cookies-path COOKIES_PATH
                        path to cookies database
  -hp HISTORY_PATH, --history-path HISTORY_PATH
                        path to history database
  -lp LOGINS_PATH, --logins-path LOGINS_PATH
                        path to logins database

Boolean options:
  -A, --all             Attempt to gather all data from all installed browsers (except for IE)
  -C, --cookies         attempt to gather cookies information
  -H, --history         attempt to gather history information
  -L, --logins          attempt to gather login information

Important note about AV Detection:

If deployed on a Windows host, the Go binaries may trigger AV in certain cases, so you have been warned.

Runnng on MacOS:

In order to run on MacOS, you will have to right-click on tools/hackbrowserdata/hbd-macos, and Click "Open".

This will actually run it and store results from your local machine probably in your home directory under results.

You can then just rm -rf ~/results, and run the bash script normally without the binary providing any additional difficulty.

To-Do:

  • [Potentially] add support for additional browsers
  • Add local support for more architectures

Troubleshooting:

For troubleshooting, please submit an issue.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.