Skip to content

titusvnu/operating-system-security-audit-utility

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
docs
docs
 
 
extraction_components
extraction_components
 
 
registry-bypass
registry-bypass
 
 
.gitattributes
.gitattributes
 
 
README.md
README.md
 
 
config.py
config.py
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Operating System Security Audit Utility

Description:
This project tests for system vulnerabilities to secure users' systems by extracting sensitive information from a Windows system. It gathers system hardware details, browser data (Chrome and Microsoft Edge), WiFi network credentials, and even interfaces with Android devices via ADB.

Features

  • Browser Data Extraction:

    • Extracts encrypted sensitive passwords using Powershell scripting (Edge) and SQL decryption methods (Chrome) Untitled design (1)

    • Retrieves browsing history by decrypting locally saved SQL databases Screenshot 2025-03-18 210737

    • Retrieves encrypted autofill data
      Untitled design (3)

  • Network Credential Extraction:

    • Extracts saved WiFi profiles and passwords. Untitled design (4)
 "system_network_passwords": {
    "NETGEAR68_EXT": "greatunicorn941",
    "TPLINK_42": "greatunicorn333"
  },
  "system_network_count": 2

  • Android Device Interface:
    Uses ADB to retrieve file listings from connected Android devices.

  • System & Hardware Information:
    Collects detailed data about CPU, memory, disk storage, GPU, motherboard, and OS information using WMI, psutil, and WMIC commands.

    Untitled design (5)

  • Data Packaging & Exfiltration:

    • Packages the collected data (logs, CSVs, etc.) and sends it via Discord webhooks for demonstration.

  • Logging:

    • Implements comprehensive logging to track the extraction process.
08/14 07:30 PM | chromedata | DEBUG |: Attempting to generate data files
08/14 07:30 PM | main | INFO |: Libraries imported successfully!
08/14 07:30 PM | main | DEBUG |: Public IP 
08/14 07:30 PM | main | DEBUG |: Webhook element successfully sent
08/14 07:30 PM | main | DEBUG |: Webhook element successfully sent
08/14 07:30 PM | main | DEBUG |: Webhook element successfully sent
08/14 07:30 PM | main | DEBUG |: Webhook element successfully sent
08/14 07:30 PM | main | DEBUG |: Webhook element successfully sent
08/14 07:30 PM | main | DEBUG |: Webhook element successfully sent

Requirements

  • Operating System: Windows 7, 8, 10, 11
  • Python Version: 3.6x+
  • Other:
    • Chrome & Microsoft Edge must be installed for browser data extraction.
    • An active ADB server for Android device interfacing.

Project History

This project was originally developed in July 2022, the summer after my freshman year of high school, fascinated with pushing the limits of malware behavior with Python.

Although this early version reflects the learning curve of a beginner, this repository serves as a milestone in my journey, demonstrating both my initial creativity and my ongoing evolution in the Computer Science field.

Setup Instructions

  1. Clone the repository: 
    git clone https://github.com/titusvnu/system-credentials-profiling-malware.git
cd system-credentials-profiling-malware

About

Exploring vulnerabilities within browser databases, network data, and other various information to simulate how malware/spyware performs credential extraction and collects crucial data undetected. Made after my freshmen year of high school, July 2022. For educational and research purposes only :)

Topics

python malware lazagne cybersecurity-awareness

Resources

Readme

Contributing

Contributing
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages