Infornito

Infornito is a Python-based tool designed to extract forensic information from web browsers, including Chrome, Firefox, and Safari. It is primarily aimed at forensic analysts and cybersecurity professionals for investigating browser-related data such as browsing history, downloads, and other important web artifacts. The tool operates via the command line and allows for customization and filtering, making it a powerful tool for analyzing web data on both Unix and Windows operating systems (32-bit and 64-bit).

Key Features:

  1. Supported Browsers:

    • Chrome

    • Firefox

    • Safari

  2. Platform Compatibility:

    • Works on both Unix and Windows systems.

    • Requires Python 3.x for operation. It may not function correctly with older Python versions, particularly with special characters.

  3. Command Line Interface (CLI):

    • Infornito operates through the command line interface, making it highly flexible for integration with other command-line tools like grep, awk, cut, sed, etc.

    • It allows for the redirection of information dumps, making it possible to work with large datasets or filter data dynamically.

  4. Customizable Search:

    • Users can customize searches and apply filters, making it easier to target specific types of browser data.

    • The tool supports querying various data types, including browsing history, downloaded files, and other forensic data.

How Infornito Works:

  • Infornito is designed to pull valuable forensic data from browsers and format it into easily accessible information. The tool works by specifying profiles (e.g., a specific browser or user data profile) and providing the ability to export the data in different formats (e.g., CSV).

  • Example Commands:

    • Extracting History Data:

      python infornito.py history --profile 2 --export csv --to ~/Desktop/export

      This command will extract browsing history from profile 2 and export it as a CSV file to the specified directory.

    • Extracting Download Data:

      python infornito.py downloads --profile 2

      This command extracts the download history for profile 2.

    • Filtering History Data:

      python infornito.py history --profile 2 --filter domain=target.com --filter filetype=pdf --filter protocols=https --filter port=4880

      This command extracts browsing history for profile 2, filtering it by specific domain (target.com), file type (pdf), HTTPS protocol, and port (4880).

Supported Data Sections:

Infornito can extract and display various sections of browser data, including but not limited to:

  • Browsing History: URLs visited, timestamps, referrer data, etc.

  • Downloads: Files downloaded and their paths.

  • Cookies: Information stored in browser cookies.

  • Saved Passwords: Login credentials stored by the browser.

  • Local Storage & Extensions: Data stored locally by browsers and extensions installed.

PreviousWebBrowserPassViewNextHindsight

Last updated