ChromeAlone

ChromeAlone transforms Chromium browsers into C2 implants, enabling covert operations with session stealing, credential capture, and remote execution.

image of ChromeAlone

Introduction

ChromeAlone - A Browser C2 Framework

ChromeAlone is a browser implant designed as an alternative to conventional implants like Cobalt Strike. It provides a build process to generate a management console, deploy infrastructure, and create a PowerShell sideloader script for target execution.

Key features include:

SOCKS TCP Proxy: Establishes a proxy on the host.
Session Stealing: Captures browser sessions and credentials.
Remote Execution: Launches executables on the host from Chrome.
WebAuthn Phishing: Targets physical security tokens.
EDR Resistance: Achieves persistence using Chromium's built-in features.

Use cases:

Red team engagements requiring browser-based persistence.
Circumventing traditional endpoint detection and response (EDR) systems.
Phishing campaigns targeting WebAuthn credentials.
Establishing covert communication channels via browser extensions.

Information

Publisher
Admin
Websitegithub.com
Published date2025/08/23

Categories

Tags

More Products

image of Freeway

Wireless SecurityRed Team Operations

Freeway

Freeway: Python-based WiFi penetration testing tool for ethical hackers and pentesters to audit and secure networks.

image of WifiPumpkin3 Pro

Wireless SecurityRed Team OperationsSocial Engineering

WifiPumpkin3 Pro

WifiPumpkin3 Pro: A professional framework for Wi-Fi security testing, rogue access point deployment, and adversarial emulation for red teams.

Wireless Phishing

image of Modlishka

Red Team Operations

Modlishka

Modlishka is a MITM proxy to bypass 2FA, enabling transparent multi-domain TLS traffic over a single domain without client certificates.