BrowserStealer

BrowserStealer"https://github.com/SaulBerrenson/BrowserStealer" is a tool designed to extract sensitive information like passwords, cookies, browsing history, and bookmarks from web browsers. It supports:

  • Chromium-based browsers (Google Chrome, Microsoft Edge, etc.)

  • Gecko-based browsers (Mozilla Firefox, etc.)

The tool works by accessing the data stored in various browser profiles and extracting the relevant information from the appropriate files (e.g., Login Data, Cookies, History, etc.).

How BrowserStealer Works:

The tool works by querying the browser's databases (like SQLite files) to extract the stored credentials and browsing data. Here's how it extracts information:

  • Passwords: The passwords are stored in encrypted databases (such as Login Data in Chrome and logins.json in Firefox). The tool decrypts and retrieves the stored passwords.

  • Cookies: It extracts stored cookies from the Cookies database used by browsers like Chrome, Firefox, and Edge.

  • History: It queries the browser history stored in files such as History in Chrome and places.sqlite in Firefox.

  • Bookmarks: Extracts URLs and titles of bookmarked pages.

Examples of Supported Browsers and Their Paths:

Here are some supported browsers and their corresponding paths to the profile data:

Chromium-based Browsers (Chrome, Edge, etc.):

  • Windows:

    • Chrome: C:\Users\<YourUsername>\AppData\Local\Google\Chrome\User Data\Default\Login Data

    • Edge: C:\Users\<YourUsername>\AppData\Local\Microsoft\Edge\User Data\Default\Login Data

  • macOS:

    • Chrome: ~/Library/Application Support/Google/Chrome/Default/Login Data

    • Edge: ~/Library/Application Support/Microsoft Edge/Default/Login Data

  • Linux:

    • Chrome: ~/.config/google-chrome/Default/Login Data

    • Edge: ~/.config/microsoft-edge/Default/Login Data

Firefox (Gecko-based) Browser:

  • Windows:

    • Firefox: C:\Users\<YourUsername>\AppData\Roaming\Mozilla\Firefox\Profiles\<ProfileName>\logins.json

  • macOS:

    • Firefox: ~/Library/Application Support/Firefox/Profiles/<ProfileName>/logins.json

  • Linux:

    • Firefox: ~/.mozilla/firefox/<ProfileName>/logins.json

PreviousBrowserFreakNextThe Ultimate Active Directory CheatSheet

Last updated