Skip to content

superswan/ironwill-infostealer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

IronWill

Really lazy and incomplete rust infostealer. Intended to be lightweight and makes minimal use of external libraries. Most interesting thing is decrypting firefox logins without NSS library or external tools.

Only prints to console at this time

Features

  • System and Hardware Enumeration
    • Hostname
    • Current user
    • Windows version
    • CPU and GPU info
    • Hardware Identifier (Windows Machine GUID)
  • Network
    • Public IP
    • GEO/IP context
  • Installed Software Discovery
    • Web browsers
    • VPN clients
    • Cloud storage
    • Developer tools
    • Communication platforms
  • AV Detection
    • Windows Defender
    • Detects many common 3rd party AV
  • Browser Data Collection
    • Firefox logins.json decryption without NSS library
    • Chrome-family saved credentials decryption (Google Chrome/Edge/Brave/Chromium)
  • Sensitive File Discovery
    • Scans user directories for high-risk file patterns
      • Credentials and secrets
      • Private keys and certs
      • VPN configs
      • Databases and backups
  • Clipboard Inspection
  • Cryptocurrency Wallet Discovery
  • Application Artifacts
    • Discord token grabber (broken)

About

Who could wield this hunk of iron now that its edge was gone? Who might love it when all it could do was bash dully against a foe instead of cutting through flesh and bone? Who would devote themselves to such insanity?

Topics

malware rust-malware infostealers

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Contributors

Languages