30 open-source projects similar to moond4rk/hackbrowserdata, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best HackBrowserData alternative.
LaZagne is a cross-platform credential recovery tool designed to extract passwords and secrets from operating systems, browsers, and applications. It functions as a security utility for retrieving stored credentials from compromised systems during penetration testing. The tool provides capabilities for decrypting domain credentials and extracting sensitive data from system storage, including memory dumps, credential managers, keychains, and password hashes. It recovers stored passwords from common software by accessing plaintext files, APIs, and local databases. The project supports digital
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.
Pillager是一个适用于后渗透期间的信息收集工具
Dumping DPAPI credz remotely
Mimikatz is a security research suite designed for auditing Windows authentication and managing system security configurations. It provides a comprehensive framework for extracting sensitive credentials, manipulating process privileges, and managing digital identity assets directly from system memory or offline memory dumps. The project distinguishes itself through advanced system-level exploitation techniques, including runtime process injection, API hooking, and the ability to bypass cryptographic export restrictions. It features a specialized toolkit for Kerberos protocol operations, allow
If you like this project, consider purchasing licenses of OctoPwn, our full pentesting suite that runs in your browser! For notifications on new builds/releases and other info, hop on to our Discord
SocialFish is a credential harvesting tool and phishing framework designed to intercept usernames, passwords, and two-factor authentication codes through deceptive web pages. It functions as a social engineering platform and information gathering tool used to collect target data and system information for security research and penetration testing. The system utilizes a reverse proxy to tunnel network traffic and capture real-time HTTP requests and session cookies. It features a live operator panel for intercepting one-time passwords and employs browser-based cloning to replicate authenticatio
Covenant is a .NET-based command and control framework designed for red team operations and adversary simulation. It serves as a collaborative platform for coordinating security assessments, managing remote implants, and executing tasks on compromised systems through a centralized server. The project is distinguished by its dynamic payload generator, which compiles and obfuscates executable binaries and scripts on the fly to bypass detection. It further separates itself through a collaborative environment that allows multiple authenticated operators to share a synchronized state, track operat
Fake Windows logon screen to steal passwords
credential dump using forshaw technique using SeTrustedCredmanAccessPrivilege
Crack any Microsoft Windows users password without any privilege (Guest account included)
Transparently tunnel your IP traffic through ICMP echo and reply packets.
This project is a technical repository of kernel exploit guides, memory corruption analyses, and archived methods for gaining root access. It serves as a centralized library of security flaws and reproduction steps used for testing system protections and verification. The documentation focuses on the Linux kernel, providing technical breakdowns of how memory management errors and multi-page write techniques allow for the modification of read-only files. It details the use of race conditions to achieve administrative privilege escalation. The repository covers a broad surface of security rese
SharpChromium is a .NET 4.0+ CLR project to retrieve data from Google Chrome, Microsoft Edge, and Microsoft Edge Beta. Currently, it can extract:
TruffleHog is a secret scanning tool designed to identify leaked credentials and API keys across version control systems, cloud storage, and filesystems. It functions as a git secret detector that enumerates hidden commits and a cloud storage security auditor for inspecting container images and storage buckets. The project is distinguished by a credential verification engine that tests discovered secrets against service APIs to confirm they are active, which eliminates false positive alerts. It further analyzes these verified credentials to determine the specific access levels and resources t