LLAMATOR – Red Team Framework for Testing LLM Security
ID: 8a1ed5f1-0822-5c63-b97a-ab5e3ef3bd0d
STIX ID: report--8a1ed5f1-0822-5c63-b97a-ab5e3ef3bd0d
Feed Name: Darknet
DumpBrowserSecrets is a post-exploitation credential-harvesting tool that extracts passwords, session cookies, OAuth refresh tokens, credit card data, and other browser-stored secrets from major Windows browsers (Chromium-based and Firefox). It bypasses Chrome’s App-Bound Encryption by injecting a DLL into a headless Chromium process to call the IElevator COM interface, and supports DPAPI and NSS decryption for other browsers. It includes EDR evasion techniques (string obfuscation, API hashing, PPID/argument spoofing, file-handle duplication) and outputs structured JSON. The tool is intended for red-team or assumed-breach testing; the report also outlines detection and mitigation measures.
