xsshunter-express – Self-Hosted Blind XSS Payload Capture and Analysis
ID: dff3afc8-0aaf-51ab-9c48-ed893a4f58d3
STIX ID: report--dff3afc8-0aaf-51ab-9c48-ed893a4f58d3
Feed Name: Darknet
DumpBrowserSecrets is a Windows post-exploitation tool that harvests credentials and session data from major browsers (Chrome/Edge/Brave via App-Bound Encryption bypass, Opera/Vivaldi via DPAPI, and Firefox via NSS). It uses headless Chromium and DLL injection (Early Bird APC) to decrypt app_bound_encrypted_key via the IElevator COM interface, includes multiple evasion techniques, and outputs structured JSON. If used by adversaries, it is a high-risk vector for lateral movement and cloud account takeover.
