ChromeAlone - A Browser C2 Framework
ChromeAlone is a browser implant designed as an alternative to conventional implants like Cobalt Strike. It provides a build process to generate a management console, deploy infrastructure, and create a PowerShell sideloader script for target execution.
Key features include:
- SOCKS TCP Proxy: Establishes a proxy on the host.
- Session Stealing: Captures browser sessions and credentials.
- Remote Execution: Launches executables on the host from Chrome.
- WebAuthn Phishing: Targets physical security tokens.
- EDR Resistance: Achieves persistence using Chromium's built-in features.
Use cases:
- Red team engagements requiring browser-based persistence.
- Circumventing traditional endpoint detection and response (EDR) systems.
- Phishing campaigns targeting WebAuthn credentials.
- Establishing covert communication channels via browser extensions.
