Dumpzilla — Extract Forensic Information of Browser

Kali Linux
Nov 1 · 3 min read

In this tutorial we discuss how to carry out a forensic investigation of a browser and recover interesting information.

Dumpzilla is a browser forensic command-line tool that works on Windows, Mac and Linux. It comes pre-installed in our Kali Linux machine. Dumpzilla is written in Python 3 and can extract all forensically interesting information from the Firefox, Iceweasel and Seamonkey browsers. Dumpzilla can collect the following information:

  • Cookies + DOM storage (HTML5)
  • Downloads
  • Web forms
  • History
  • Offline Cache
  • Thumbnail Extraction
  • Addons / Extensions and used path or URLs.
  • Browser saved passwords
  • SSL certificates added as an exception
  • Session data
  • Visualize live user surfing, URL used in each tab

In simple words, we can get the browser’s passwords, history, bookmarks, cookies, extensions, sessions, permissions, downloads etc.

Let’s have a look at dumpzilla. To run this tool we open our Kali Linux terminal window and type the following command:

Firefox stores the browser’s saved data in profiles, and we use dumpzilla to extract that data for forensics. To do so we need to know the path of the default profile. Different operating systems use different paths:

C:\Documents and Settings\xx\Application Data\Mozilla\Firefox\Profiles\xxxx.default

/users/$USER/.mozilla/firefox/xxxx.default

/home/$USER/.mozilla/firefox/xxxx.default

Here we are testing in our Kali Linux environment, so we type the following command to list the profiles:

cd /root/.mozilla/firefox && ls

Here we have highlighted the default profile. Now we run dumpzilla on the default profile with the following command to check everything:

dumpzilla /root/.mozilla/firefox/3iezq4mz.default --All

Here we got all the data. Now we extract all of the data to a text file on our desktop with the following command:

dumpzilla /root/.mozilla/firefox/3iezq4mz.default --All | tee /root/Desktop/firefox.txt

This command saves the firefox.txt file on our Desktop.

Here we can see all the data extracted from our Firefox browser, such as saved passwords, cookies, addons, history and much more.

Dumpzilla is a very good forensic tool in Kali Linux for extracting private data from browsers. We can analyze this data to solve cyber crime cases.


Originally published at https://www.kalilinux.in.
