SmbCrawler – SMB Share Discovery and Secret-Hunting
ID: d534d9cd-41dc-556c-93fc-be4fb80f3796
STIX ID: report--d534d9cd-41dc-556c-93fc-be4fb80f3796
Feed Name: Darknet
DumpBrowserSecrets is a publicly documented post-exploitation tool that harvests credentials and session tokens from major browsers (Chrome, Edge, Brave, Opera variants, Vivaldi, and Firefox). It uses a compiled executable and a DLL to spawn a headless Chromium process and inject code (Early Bird APC), leveraging the IElevator COM interface to decrypt App-Bound Encryption keys (Chrome 127+). It also handles DPAPI and NSS decryption for other browsers and outputs the recovered secrets as structured JSON. The report covers capabilities, evasion techniques, attack scenarios, detection points, and mitigation guidance.
