Search Claude Code, Cursor, Codex, and ChatGPT Desktop histories for accidentally pasted credentials during an authorized penetration test.
Load into a C2 framework like Cobalt Strike or Sliver as a Beacon Object File.
Export findings as NDJSON with severity and confidence scoring for a security report.
| 0xsv1/ghosttype-bof | freertos/freertos-sesip | ffmpegkit-maintained/ffmpeg | |
|---|---|---|---|
| Stars | 7 | 7 | 6 |
| Language | C | C | C |
| Last pushed | — | 2023-04-27 | — |
| Maintenance | — | Dormant | — |
| Setup difficulty | hard | moderate | easy |
| Complexity | 4/5 | 4/5 | 2/5 |
| Audience | developer | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires a C2 framework and Windows target, built with MinGW cross-compilation, no other runtime dependencies.
GhostType BOF is a Beacon Object File, a small self-contained piece of compiled code designed to run inside a C2 (command-and-control) agent, the kind of tool used by red teams and penetration testers to maintain access to a compromised Windows machine during an authorized engagement. Specifically, it scans conversation histories stored locally by AI coding tools to look for credentials a developer may have accidentally pasted into a chat. It targets four tools: Claude Code CLI (reads JSONL session files), Cursor IDE (reads SQLite databases via the system's winsqlite3.dll), Codex CLI (reads SQLite state and log databases), and ChatGPT Desktop (decrypts local conversations using Windows DPAPI and AES-256-GCM). Claude Desktop is detected but not yet scanned. The pattern engine has three match classes: 24 prefix-based patterns for well-known credential formats (AWS, Anthropic, GitHub, Stripe, Slack, and others), 7 structure-based patterns (JWTs, PEM private keys, connection strings, Vault tokens), and 10 heuristic matchers that use entropy filtering to catch likely-but-unrecognized keys. It filters out obvious placeholders and low-entropy test strings. Findings are output as NDJSON with severity and confidence levels. It is compatible with Cobalt Strike, Sliver, Havoc, Mythic, and Brute Ratel C2 frameworks. Written in C and cross-compiled with MinGW for 64-bit Windows. No runtime dependencies are dropped: SQLite, DPAPI, and AES all come from system DLLs already present on Windows 10 and later. The MIT license applies.
A red team tool that scans a compromised Windows machine's local AI coding tool histories for leaked credentials.
Mainly C. The stack also includes C, MinGW, Windows.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.