MSSQLand – Lightweight MS-SQL Interaction Tool for Lateral Movement and Post-Exploitation
ID: f9c0ba43-bfd4-5bbe-862d-0448a7bab112
STIX ID: report--f9c0ba43-bfd4-5bbe-862d-0448a7bab112
Feed Name: Darknet
DumpBrowserSecrets is a precompiled Windows post-exploitation tool that harvests browser-stored secrets (saved credentials, session cookies, OAuth refresh tokens, credit cards, autofill data, history, and bookmarks) from Chromium- and Gecko-based browsers. For Chromium it spawns a headless process and injects a DLL that uses the IElevator COM interface to decrypt App-Bound Encryption keys; for Opera/Vivaldi it uses DPAPI, and for Firefox it uses NSS decryption. The tool outputs structured JSON and includes operational evasion techniques (string obfuscation, API hashing, PPID/argument spoofing, Early Bird APC injection, file-handle duplication, and a custom SQLite parser). It is positioned for red-team assumed-breach testing but demonstrates a high-risk credential theft capability that can facilitate lateral movement and cloud account takeover on compromised developer endpoints.
