BrowserSnatch is a powerful and versatile tool designed to "snatch" sensitive data from a variety of web browsers. This tool targets both Chromium-based browsers (such as Edge, Chrome, Opera, etc.) and Gecko-based browsers (such as Firefox, Thunderbird, etc.) overall including more than 40 browsers, making it a comprehensive solution for browser data extraction.
-
Snatch Latest App-Bound v20 Encrypted Cookies: Extract and decrypt latest app-bound encrypted cookies (chrome, edge, brave)
-
Snatch Saved Passwords: Effortlessly retrieve stored passwords from all major Chromium and Gecko-based browsers
-
Snatch Cookies: Extract cookies from user profiles across multiple browsers
-
Snatch Bookmarks: Snatch all saved bookmarks from every browser
-
Snatch History: Now supports snatching of history across all browsers
-
Super Fast: Written in c/c++ with very fast performance
-
Easy to Use: No complicated setup or configuration required
-
Zero External Dependencies: Completely written in c/c++, with little to no need for additional libraries
-
Cross-Browser Support: Handles both Chromium and Gecko-based browsers with ease
-
Greed Mode: Greed mode included which snatches everything in a single stealer db
-
Upcoming Features: Future versions will also support:
- App-Bound Encrypted Cookies from other major chromium browsers - Defense Evasion Techniques
BrowserSnatch is a tool designed for legal, ethical penetration testing and educational purposes only. The author is NOT responsible for any misuse or illegal activities performed using this tool. Always ensure you have proper authorization before testing any system or network.
By using BrowserSnatch, you agree to:
- Use this tool in compliance with all local, state, and federal laws
- Obtain proper authorization before testing any system or network
- Respect privacy and confidentiality when handling data
- Clone the repository
- Open in Visual Studio
- ISO C++17 Standard (/std:c++17) or higher
- Include missing packages (eg; nlohmann) using Visual Studio NuGet installer
- Compile
To run BrowserSnatch, simply execute the binary from the command line. The tool will operate in default mode if no parameter is provided.
Default Mode
- No Parameter Provided: Executes with default settings and attempts to snatch all saved passwords and cookies
CommandLine Mode
-
Parameter: -h: Displays a help menu detailing all available options.
Password Snatching
- Parameter: -pass: Snatch passwords from every browser.
- Parameter: -pass -c: Snatch passwords from Chromium-based browsers only.
- Parameter: -pass -g: Snatch passwords from Gecko-based browsers only.
Cookie Snatching
- Parameter: -cookies: Snatch cookies from every browser.
- Parameter: -cookies -c: Snatch cookies from Chromium-based browsers only.
- Parameter: -cookies -g: Snatch cookies from Gecko-based browsers only.
- Parameter: -app-bound-decryption: Snatch cookies from latest v20 app bound encryption only (requires admin)
Bookmarks Snatching
- Parameter: -bookmarks: Snatch bookmarks from every browser.
- Parameter: -bookmarks -c: Snatch bookmarks from Chromium-based browsers only.
- Parameter: -bookmarks -g: Snatch bookmarks from Gecko-based browsers only.
History Snatching
- Parameter: -history: Snatch history from every browser.
- Parameter: -history -c: Snatch history from Chromium-based browsers only.
- Parameter: -history -g: Snatch history from Gecko-based browsers only.
Greed Mode
- Parameter: -greed: Snatch everything from every browser and save in a single stealer database.
Console Mode
- Parameter: -console-mode: Displays a user-friendly console.
- Run the following command to start BrowserSnatch in default mode:
./BrowserSnatch- To see the user-friendly console interface, use:
./BrowserSnatch -console-mode- To see help menu, use:
./BrowserSnatch -h- To Snatch all browser passwords, use:
./BrowserSnatch -pass- To Snatch all browser cookies, use:
./BrowserSnatch -cookies- To Snatch chrome v20 app-bound encrypted browser cookies, use:
./BrowserSnatch -app-bound-decryption- To Snatch all browser bookmarks, use:
./BrowserSnatch -bookmarks- To Snatch all browser history, use:
./BrowserSnatch -history- To Snatch Everything from Every Browser, use Greed mode:
./BrowserSnatch -greedFollowing GIF demonstrates the working of BrowserSnatch and how its stealer log can be accessed.
| № | Browser Name | Passwords | Cookies | Bookmarks | History | v20 Cookie Decryption (App-Bound) |
|---|---|---|---|---|---|---|
| 1 | Chrome | ✅ | ✅ | ✅ | ✅ | ✅ |
| 2 | Microsoft Edge | ✅ | ✅ | ✅ | ✅ | ✅ |
| 3 | Chromium | ✅ | ✅ | ✅ | ✅ | ➖ |
| 4 | Brave - Browser | ✅ | ✅ | ✅ | ✅ | ✅ |
| 5 | Epic Privacy Browser | ✅ | ✅ | ✅ | ✅ | ➖ |
| 6 | Amigo | ✅ | ✅ | ✅ | ✅ | ➖ |
| 7 | Vivaldi | ✅ | ✅ | ✅ | ✅ | ➖ |
| 8 | Orbitum | ✅ | ✅ | ✅ | ✅ | ➖ |
| 9 | SeaMonkey | ✅ | ✅ | ✅ | ✅ | ➖ |
| 10 | Kometa | ✅ | ✅ | ✅ | ✅ | ➖ |
| 11 | Comodo Dragon | ✅ | ✅ | ✅ | ✅ | ➖ |
| 12 | Torch | ✅ | ✅ | ✅ | ✅ | ➖ |
| 13 | Icecat | ✅ | ✅ | ✅ | ✅ | ➖ |
| 14 | Postbox | ✅ | ✅ | ✅ | ✅ | ➖ |
| 15 | Flock Browser | ✅ | ✅ | ✅ | ✅ | ➖ |
| 16 | K - Melon | ✅ | ✅ | ✅ | ✅ | ➖ |
| 17 | Sputnik | ✅ | ✅ | ✅ | ✅ | ➖ |
| 18 | CocCoc Browser | ✅ | ✅ | ✅ | ✅ | ➖ |
| 19 | Uran | ✅ | ✅ | ✅ | ✅ | ➖ |
| 20 | Yandex | ✅ | ✅ | ✅ | ✅ | ➖ |
| 21 | Firefox | ✅ | ✅ | ✅ | ✅ | ➖ |
| 22 | Waterfox | ✅ | ✅ | ✅ | ✅ | ➖ |
| 23 | Cyberfox | ✅ | ✅ | ✅ | ✅ | ➖ |
| 24 | Thunderbird | ✅ | ✅ | ✅ | ✅ | ➖ |
| 25 | IceDragon | ✅ | ✅ | ✅ | ✅ | ➖ |
| 26 | BlackHawk | ✅ | ✅ | ✅ | ✅ | ➖ |
| 27 | Pale Moon | ✅ | ✅ | ✅ | ✅ | ➖ |
| 28 | Opera | ✅ | ✅ | ✅ | ✅ | ➖ |
| 29 | Iridium | ✅ | ✅ | ✅ | ✅ | ➖ |
| 30 | CentBrowser | ✅ | ✅ | ✅ | ✅ | ➖ |
| 31 | Chedot | ✅ | ✅ | ✅ | ✅ | ➖ |
| 32 | liebao | ✅ | ✅ | ✅ | ✅ | ➖ |
| 33 | 7Star | ✅ | ✅ | ✅ | ✅ | ➖ |
| 34 | ChromePlus | ✅ | ✅ | ✅ | ✅ | ➖ |
| 35 | Citrio | ✅ | ✅ | ✅ | ✅ | ➖ |
| 36 | 360Chrome - Chrome | ✅ | ✅ | ✅ | ✅ | ➖ |
| 37 | Elements Browser | ✅ | ✅ | ✅ | ✅ | ➖ |
| 38 | Sleipnir5 | ✅ | ✅ | ✅ | ✅ | ➖ |
| 39 | ChromiumViewer | ✅ | ✅ | ✅ | ✅ | ➖ |
| 40 | QIP Surf | ✅ | ✅ | ✅ | ✅ | ➖ |
| 41 | Coowon | ✅ | ✅ | ✅ | ✅ | ➖ |
- App-Bound-Decryption for other Chromium Browsers: Currently under Research
- Defense Evasion Techniques: Advance defense evasion techniques
Stay tuned for future releases!
For any inquiries or contributions, feel free to reach out to the author or contribute directly via GitHub Issues.
- Took help from the Project by SaulBerrenson called BrowserStealer.
- Took help with chrome key & password decryption from 0x00sec.
- Retrieving App-Bound encryption key from using PoC from snovvcrash.
- V2.1 Chrome App-Bound-Decryption based on PoC from runassu.
- Other browser support took from xaitax.