Chrome Driver for Fetching Web Content #289

Open
pedramamini opened this issue Mar 22, 2024 · 0 comments
Labels
enhancement New feature or request


pedramamini commented Mar 22, 2024

What do you need?

This is a feature request with example code that should be able to be dropped right into installer/client/cli/:

https://gist.github.com/pedramamini/e1f7f9dc6013734fca44961cca4e7890

CLI tool and library for fetching content via Chrome driven by Selenium. Has some (rudimentary) tricks up its sleeve to evade mechanized browser detection.

Requirements

pip install selenium
pip install webdriver_manager

Usage

Usage:
    usage: chrome_fetch.py [-h] [--sleep SLEEP] [--headless] [--debug] [--referrer [REFERRER]]
                           [--human]
                           url
    Fetch the inner text of a webpage.
    positional arguments:
      url                   URL of the webpage to fetch
    options:
      -h, --help            show this help message and exit
      --sleep SLEEP         Time to wait in-between operations
      --headless            Run in headless mode.
      --debug               Enable debug mode.
      --referrer [REFERRER]
                            Referrer URL to start from (default: https://www.google.com).
      --human               Mimick human behavior with mouse

Example

$ chrome_fetch.py https://inquest.net/blog/around-we-go-planet-stealer-emerges/ | summarize
ONE SENTENCE SUMMARY:
Planet Stealer, a new information-stealing trojan targeting sensitive data, highlights the evolving threat landscape and the importance of cybersecurity vigilance.

MAIN POINTS:
1. Planet Stealer is an emerging information-stealing trojan recently documented and sold in underground forums.
2. Implemented in Go, it aims to collect and exfiltrate sensitive information from compromised hosts.
3. It's part of the malware-as-a-service ecosystem, appealing to adversaries for data theft and sale.
4. The malware targets browser information, cryptocurrency wallets, and messenger credentials among others.
5. Features include sandbox evasion and data exfiltration via Telegram, indicating sophisticated capabilities.
6. Distributed as EXE files, often via loader trojans, with active command & control servers noted.
7. Communication with C2 servers uses HTTP API with JSON data, suggesting modern backend infrastructure.
8. Samples of Planet Stealer have been observed in the wild, packed with UPX for obfuscation.
9. Countermeasures include network-based detection systems and real-time threat intelligence application.
10. InQuest credits open-source intelligence for disclosing details about Planet Stealer, emphasizing community collaboration in threat intelligence.

TAKEAWAYS:
1. The emergence of Planet Stealer underscores the continuous innovation in malware development and distribution.
2. Information stealers remain a significant part of the cybercrime ecosystem due to their lucrative potential.
3. Effective cybersecurity measures require comprehensive network-based detection and real-time threat intelligence.
4. Collaboration and sharing of threat intelligence within the cybersecurity community are crucial for timely identification and mitigation of new threats.
5. Enterprises should enhance their security posture to protect against sophisticated threats like Planet Stealer through advanced detection capabilities and informed threat intelligence.
@pedramamini pedramamini added the enhancement New feature or request label Mar 22, 2024