LostMyPassword – Dual Use Password Recovery and Credential Dumping Tool
ID: db4b79e1-ac4d-52dd-a896-d91baeafd01b
STIX ID: report--db4b79e1-ac4d-52dd-a896-d91baeafd01b
Feed Name: Darknet
DumpBrowserSecrets is a precompiled Windows post-exploitation tool that extracts saved credentials, session cookies, OAuth refresh tokens, credit card data, autofill entries, and browsing history from Chromium-based browsers (Chrome, Edge, Brave, Opera variants, Vivaldi) and from Firefox.

For Chromium it implements an App-Bound Encryption (ABE) bypass: it spawns a headless instance of the target browser and injects a DLL via Early Bird APC, so that the decryption request is issued through the IElevator COM interface from a process the browser's elevation service accepts as the browser itself. Where ABE does not apply it decrypts the DPAPI-protected key material, and for Firefox it decrypts the NSS-protected stores. Operational evasion includes string obfuscation, API hashing, PPID and command-line argument spoofing, and file-handle duplication (the usual way around profile databases held open by a running browser). Results are written as structured JSON. The tool is intended for red team and assumed-breach assessments and is directly relevant to defensive testing and detection engineering for browser credential theft.
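Because the page frames the tool as relevant to detection of browser credential theft, here is an added example (not part of this feed entry or of the tool) of two behavioral heuristics run over constructed telemetry: a browser started with `--headless` by something other than the browser itself (the ABE bypass spawns one, and a spoofed explorer.exe parent does not exempt it), and a non-browser process touching a profile's credential store. The event shape, file names, PIDs and paths are assumptions made for this example; the rules are illustrative, not a vendor signature.

```python
import json

# Browser executables whose own processes may legitimately hold these files.
BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe", "vivaldi.exe", "firefox.exe"}
# Chromium (Login Data, Cookies, Web Data) and Firefox (logins.json, key4.db, cookies.sqlite) secret stores.
SECRET_FILES = {"login data", "cookies", "web data", "logins.json", "key4.db", "cookies.sqlite"}

# Constructed sample telemetry: "process" records are shaped like Sysmon ProcessCreate,
# "file" records like a Windows 4663 object-access audit. Everything here is made up.
SAMPLE_EVENTS = "\n".join(json.dumps(e) for e in [
    {"kind": "process", "pid": 4120,
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe"',
     "parent_image": r"C:\Windows\explorer.exe"},                       # user launch: benign
    {"kind": "process", "pid": 4132,
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --headless',
     "parent_image": r"C:\Program Files\Google\Chrome\Application\chrome.exe"},  # browser child: benign
    {"kind": "process", "pid": 5200,
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless',
     "parent_image": r"C:\Windows\explorer.exe"},                       # spoofed parent, still headless
    {"kind": "file", "pid": 4120,
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"kind": "file", "pid": 6001,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc.exe",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Cookies"},
    {"kind": "file", "pid": 6001,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\ab12.default\key4.db"},
])


def basename(path: str) -> str:
    """Lower-cased final path component, accepting either separator."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def headless_browser_spawn(ev: dict) -> bool:
    """Browser started headless by a non-browser parent.

    Chromium's own children inherit --headless from a browser parent, so those are
    excluded; anything else (explorer.exe included, since PPID spoofing can fake it)
    launching a headless browser on a workstation is worth a look."""
    if ev.get("kind") != "process" or basename(ev["image"]) not in BROWSERS:
        return False
    if "--headless" not in ev["cmdline"].lower():
        return False
    return basename(ev["parent_image"]) not in BROWSERS


def foreign_secret_access(ev: dict) -> bool:
    """Non-browser process reading a browser credential/cookie store."""
    if ev.get("kind") != "file":
        return False
    return basename(ev["target"]) in SECRET_FILES and basename(ev["image"]) not in BROWSERS


RULES = {
    "headless_browser_spawn": headless_browser_spawn,
    "foreign_secret_access": foreign_secret_access,
}


def run_detections(jsonl: str) -> list:
    """Return (rule_name, pid) for every event that matches a rule."""
    hits = []
    for line in jsonl.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        for name, rule in RULES.items():
            if rule(ev):
                hits.append((name, ev["pid"]))
    return hits


if __name__ == "__main__":
    for name, pid in run_detections(SAMPLE_EVENTS):
        print(f"{name}: pid {pid}")
```

Two caveats a practitioner would apply. PPID and argument spoofing (both listed among the tool's evasions) mean parent image and command line are attacker-controlled fields, so the headless rule deliberately does not whitelist explorer.exe and the command-line check should be paired with the image actually loaded. File reads are not in Sysmon's event set; the `file` record above presumes object-access auditing (a SACL on the profile directory producing 4663 events) or an EDR file-access sensor, and handle duplication from the browser process will not appear as a fresh open by the tool at all, which is why the headless-spawn and injection telemetry matter alongside file access.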
