Selection_291

Extract Information form Firefox Browser

Hello Everyone! Dumpzilla is a forensic tool written in python 3xx used to extract the all interesting information from the browser can say browser forensic tool. It is a command line tool and available for Kali Linux, windows as well as Mac 32/64 bits systems. With this tool we can extract the information of three browsers FirefoxIceweasel and Seamonkey  browser. It works  in command line interface. The information dumps could be redirected by pipes with tools such as grep, awk, cut, sed etc.

You can extract lot of information including History bookmarks, downloads, password, add-ons, cookies much more. After extraction you can export the data either in JSON or plain text.

You can extract the following data:

Download , History, Bookmarks.

Cookies, session data, browser saved data.

Addons , user preference.

Web forms (Searches, emails, comments)

URL open in each tab

Web Forms etc..

Installation:

Install the Dumpzilla by command line or manually

command: Sudo apt-get install dumpzilla or you can download manually click on bellow link.

Download Link

After download you need to give permission

sudo chmod +x dumpzilla.py and it will be executable.

Now use sudo python dumpzilla.py

There are many options with that you can extract the information. using –All option you can extract all the information or you can use one by one options like –history it will extract only history:

Lets check how to use:

we need to give a firefox path to extract the data

Kali Linux, Firefox browser path /home/$USER/.mozilla/firefox/xxxx.default –Summary ($user means user and xxx.default means your profile file where your Firefox data saved )

command will be sudo python dumpzilla.py /home/$user/.mozila/firefox/xxx.default/ –All with this command i retrieve the following information:

To extract the information there are lots of arguments use one by one or you can export in a json file will –Export argument

Here i Extract all bookmark with –Bookmarks argument

Export the data in plain text sudo python dumpzilla.py /home/$user/.mozila/firefox/xxx.default/ –All | tee /root/Desktop/mozile

Thank you for Reading

Follow us on LinkedIn, Twitter and Facebook