Maldev-Academy / DumpChromeSecrets
Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks
☆545 · Jan 8, 2026 · Updated last month
Alternatives and similar repositories for DumpChromeSecrets
Users that are interested in DumpChromeSecrets are comparing it to the libraries listed below
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll. ☆72 · Oct 22, 2025 · Updated 3 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader. ☆101 · Jan 10, 2026 · Updated last month
- AppLocker-Based EDR Neutralization ☆289 · Dec 19, 2025 · Updated last month
- ☆70 · Dec 26, 2025 · Updated last month
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll ☆135 · Apr 18, 2025 · Updated 9 months ago
- Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bo… ☆530 · Jan 26, 2026 · Updated 2 weeks ago
- adws enumeration bof ☆162 · Oct 2, 2025 · Updated 4 months ago
- A BOF that's a BOF Loader and more ☆196 · Jan 17, 2026 · Updated 3 weeks ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass ☆165 · Sep 22, 2025 · Updated 4 months ago
- This is the tool to dump the LSASS process on modern Windows 11 ☆555 · Nov 1, 2025 · Updated 3 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal … ☆88 · Jan 2, 2026 · Updated last month
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe… ☆187 · Aug 6, 2025 · Updated 6 months ago
- ☆65 · Mar 15, 2024 · Updated last year
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state. ☆800 · Nov 1, 2025 · Updated 3 months ago
- ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets … ☆151 · Jan 3, 2026 · Updated last month
- Using Chromium-based browsers as a proxy for C2 traffic. ☆140 · Dec 6, 2025 · Updated 2 months ago
- Cobalt Strike BOF for evasive .NET assembly execution ☆307 · Mar 31, 2025 · Updated 10 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆54 · May 12, 2025 · Updated 9 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie… ☆169 · Sep 3, 2025 · Updated 5 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287 ☆46 · Oct 28, 2025 · Updated 3 months ago
- Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing. ☆233 · Updated this week
- ☆159 · Dec 13, 2024 · Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r… ☆381 · Apr 26, 2025 · Updated 9 months ago
- Abusing Azure services over C2 ☆368 · Jan 20, 2026 · Updated 3 weeks ago
- ☆106 · Aug 21, 2024 · Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer ☆539 · Feb 13, 2024 · Updated 2 years ago
- Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation ☆336 · Feb 2, 2026 · Updated last week
- Windows rootkit designed to work with BYOVD exploits ☆214 · Jan 18, 2025 · Updated last year
- Blog/Journal on how to backdoor VSCode extensions ☆76 · Updated this week
- Attacking the cleanup_module function of a kernel module ☆56 · Jun 30, 2025 · Updated 7 months ago
- A tool to transform Chromium browsers into a C2 Implant ☆542 · Dec 17, 2025 · Updated last month
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆609 · Jan 2, 2025 · Updated last year
- .NET assembly loader with patching AMSI and ETW bypass ☆31 · Apr 16, 2025 · Updated 9 months ago
- ☆100 · Sep 1, 2024 · Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes ☆208 · Dec 25, 2024 · Updated last year
- One WSL BOF to rule them all ☆138 · Jan 14, 2026 · Updated last month
- Sleep obfuscation ☆265 · Dec 13, 2024 · Updated last year
- Golang Automation Framework for Cobalt Strike using the Rest API ☆56 · Dec 4, 2025 · Updated 2 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … ☆772 · Jan 26, 2026 · Updated 2 weeks ago