{ "id": "753338c3-9f9f-4953-b6fd-7825d5bf5189", "created_at": "2026-04-06T00:06:45.326363Z", "updated_at": "2026-04-10T03:36:48.379002Z", "deleted_at": null, "sha1_hash": "bfcf70ad2abc6d5512ddd3771ec2319821f7d0be", "title": "GitHub - PwnTheStack/Qvoid-Token-Grabber: Grabs Discord tokens, browser cookies and passwords; Bypasses any kind of Token Protectors.", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 123435, "plain_text": "GitHub - PwnTheStack/Qvoid-Token-Grabber: Grabs Discord\r\ntokens, browser cookies and passwords; Bypasses any kind of\r\nToken Protectors.\r\nBy PwnTheStack\r\nArchived: 2026-04-05 17:37:15 UTC\r\nAdvanced grabber that grabs browser passwords, cookies, and Discord tokens with the computer information.\r\nOur Discord Server: discord.gg/2rnC9f69x5\r\nI will no longer update this project, I will check and approve pull requests.\r\n🐵 Features\r\nProtection (AntiDebug, AntiEmulation, AntiWebSniffers, AntiVM, AntiSandboxie) is controlled through\r\nthe settings file.\r\nDiscord webhooks integration.\r\nGrabs tokens from all installed clients even if the primary path changed and deletes accounts duplicates.\r\nGrabs PC information + token information.\r\nShows top ten rarest friends.\r\nGrabs Discord password and sends the new info with every event that involves a password.\r\nSends screenshot of all screens at the moment of the grabbing.\r\nGrabs browser cookies and passwords.\r\nSupports many Chromium-based \u0026 Gecko-based browsers. [Password \u0026 Cookies].\r\nWIFI passwords stealer.\r\nCrypto-clipper.\r\nSelf-updating, When a new account is logged or a password changed, the grabber will send it again with\r\nthe latest information.\r\nBypasses Anti-Token-Grabbers.\r\n📣 Some notes\r\nAFTER THE BUILD U CAN DELETE EVERYTHING IN THE OUTPUT DIRECTORY EXCEPT THE\r\nEXE FILE!\r\nI created this project for educational purposes only, so please do not use it to harm and damage; I started this\r\nproject because I wanted to learn about Discord's infrastructure and possible exploits. Meanwhile, I made the base\r\nof this token-grabber (like a year ago), but not long ago, I continued this project, and this is the final result; of\r\ncourse, I will update it and add more features in the future, but mean-while remember to use your power for good\r\n😲. If you liked it, consider ⭐ this project and ️ (follow) me 🤔.\r\nhttps://github.com/Enum0x539/Qvoid-Token-Grabber\r\nPage 1 of 2\n\n⚡ Additional Information\r\n⛔ What can I do against token grabbers?\r\nTo be protected against token grabbers, you are more than welcome to install my Anti-Token-Grabber, which is\r\nlocated on my GitHub. [I will upload it later; meanwhile, try https://github.com/andro2157/DiscordTokenProtector\r\nalthough this grabber is bypassing it, other grabbers are not]\r\n🤓 This project is under Berkeley Software Distribution (BSD) license.\r\nThe source code doesn’t need to be public when a distribution of the software is made.\r\nModifications to the software can be released under any license.\r\nChanges made to the source code may not be documented.\r\nIt offers no explicit position on patent usage.\r\nThe license and copyright notice must be included in the documentation of the compiled version of the\r\nsource code (as opposed to only in the source code).\r\nThe BSD 3-clause states that the names of the author and contributors can’t be used to promote products\r\nderived from the software without permission.\r\n🎓 Educational Purposes\r\n\"Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for \"fair use\" for\r\npurposes such as criticism, comment, news reporting, teaching scholarship, and research. Fair use is a use\r\npermitted by copyright statutes that might otherwise be infringing. Non-profit, educational, or personal use tips\r\nthe balance in favor of fair use.\"\r\n🚨 LEGAL DISCLAIMER\r\nThe author does not hold any responsibility for the harmful use of this tool; remember that attacking targets\r\nwithout prior consent is illegal and punished by law.\r\n✅ Results\r\nSource: https://github.com/Enum0x539/Qvoid-Token-Grabber\r\nhttps://github.com/Enum0x539/Qvoid-Token-Grabber\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://github.com/Enum0x539/Qvoid-Token-Grabber" ], "report_names": [ "Qvoid-Token-Grabber" ], "threat_actors": [ { "id": "9f101d9c-05ea-48b9-b6f1-168cd6d06d12", "created_at": "2023-01-06T13:46:39.396409Z", "updated_at": "2026-04-10T02:00:03.312816Z", "deleted_at": null, "main_name": "Earth Lusca", "aliases": [ "CHROMIUM", "ControlX", "TAG-22", "BRONZE UNIVERSITY", "AQUATIC PANDA", "RedHotel", "Charcoal Typhoon", "Red Scylla", "Red Dev 10", "BountyGlad" ], "source_name": "MISPGALAXY:Earth Lusca", "tools": [ "RouterGod", "SprySOCKS", "ShadowPad", "POISONPLUG", "Barlaiy", "Spyder", "FunnySwitch" ], "source_id": "MISPGALAXY", "reports": null }, { "id": "18a7b52d-a1cd-43a3-8982-7324e3e676b7", "created_at": "2025-08-07T02:03:24.688416Z", "updated_at": "2026-04-10T02:00:03.734754Z", "deleted_at": null, "main_name": "BRONZE UNIVERSITY", "aliases": [ "Aquatic Panda", "Aquatic Panda ", "CHROMIUM", "CHROMIUM ", "Charcoal Typhoon", "Charcoal Typhoon ", "Earth Lusca", "Earth Lusca ", "FISHMONGER ", "Red Dev 10", "Red Dev 10 ", "Red Scylla", "Red Scylla ", "RedHotel", "RedHotel ", "Tag-22", "Tag-22 " ], "source_name": "Secureworks:BRONZE UNIVERSITY", "tools": [ "Cobalt Strike", "Fishmaster", "FunnySwitch", "Spyder", "njRAT" ], "source_id": "Secureworks", "reports": null }, { "id": "6abcc917-035c-4e9b-a53f-eaee636749c3", "created_at": "2022-10-25T16:07:23.565337Z", "updated_at": "2026-04-10T02:00:04.668393Z", "deleted_at": null, "main_name": "Earth Lusca", "aliases": [ "Bronze University", "Charcoal Typhoon", "Chromium", "G1006", "Red Dev 10", "Red Scylla" ], "source_name": "ETDA:Earth Lusca", "tools": [ "Agentemis", "AntSword", "BIOPASS", "BIOPASS RAT", "BadPotato", "Behinder", "BleDoor", "Cobalt Strike", "CobaltStrike", "Doraemon", "FRP", "Fast Reverse Proxy", "FunnySwitch", "HUC Port Banner Scanner", "KTLVdoor", "Mimikatz", "NBTscan", "POISONPLUG.SHADOW", "PipeMon", "RbDoor", "RibDoor", "RouterGod", "SAMRID", "ShadowPad Winnti", "SprySOCKS", "WinRAR", "Winnti", "XShellGhost", "cobeacon", "fscan", "lcx", "nbtscan" ], "source_id": "ETDA", "reports": null }, { "id": "d53593c3-2819-4af3-bf16-0c39edc64920", "created_at": "2022-10-27T08:27:13.212301Z", "updated_at": "2026-04-10T02:00:05.272802Z", "deleted_at": null, "main_name": "Earth Lusca", "aliases": [ "Earth Lusca", "TAG-22", "Charcoal Typhoon", "CHROMIUM", "ControlX" ], "source_name": "MITRE:Earth Lusca", "tools": [ "Mimikatz", "PowerSploit", "Tasklist", "certutil", "Cobalt Strike", "Winnti for Linux", "Nltest", "NBTscan", "ShadowPad" ], "source_id": "MITRE", "reports": null } ], "ts_created_at": 1775434005, "ts_updated_at": 1775792208, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/bfcf70ad2abc6d5512ddd3771ec2319821f7d0be.pdf", "text": "https://archive.orkl.eu/bfcf70ad2abc6d5512ddd3771ec2319821f7d0be.txt", "img": "https://archive.orkl.eu/bfcf70ad2abc6d5512ddd3771ec2319821f7d0be.jpg" } }