AzureStrike – Offensive Toolkit for Attacking Azure Active Directory Environments
ID: dbae79da-8fb7-57eb-a440-20b352bf9f0b
STIX ID: report--dbae79da-8fb7-57eb-a440-20b352bf9f0b
Feed Name: Darknet
DumpBrowserSecrets is a post-exploitation credential-harvesting tool that extracts saved credentials, session cookies, OAuth refresh tokens, credit card data, autofill entries, and browsing history from Chrome, Edge, Brave, Opera (and variants), Vivaldi, and Firefox. It bypasses Chrome App-Bound Encryption by spawning a headless Chromium process and injecting a DLL to call the IElevator COM interface, and it supports DPAPI and NSS decryption for other browsers. It also includes operational evasion features (string obfuscation, API hashing, PPID/argument spoofing, file-handle duplication), making it useful for red-team and realistic assumed-breach testing.
