thermoptic – Chrome-perfect HTTP Fingerprint Cloaking for Red Team Web Ops
ID: 117f818f-cbf7-5091-ad3c-3e0ba1ba0c33
STIX ID: report--117f818f-cbf7-5091-ad3c-3e0ba1ba0c33
Feed Name: Darknet
DumpBrowserSecrets is a post-exploitation Windows tool that harvests credentials and session tokens from major Chromium- and Gecko-based browsers. It bypasses App-Bound Encryption by spawning a headless Chromium process and performing DLL injection using an IElevator COM bypass, extracts DPAPI- or NSS-protected secrets, and outputs structured JSON. It includes multiple EDR evasion techniques and is aimed at red-team use, but is readily weaponizable by attackers.
