Skip to content

thewhiteh4t/LLMReaper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
chrome_ext
chrome_ext
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
llmreaper.py
llmreaper.py
 
 

Repository files navigation

LLMReaper created by Lohitya Pushkar (thewhiteh4t)

Passive LLM Conversation Capture & Sensitive Data Exposure Research

Chromium MV3 Extension • Real-Time DOM Capture • Secret Detection • FastAPI Backend

Warning

This project is provided strictly for security research, educational use, and defensive awareness purposes. Unauthorized deployment against systems, users, or environments without explicit permission may violate local laws, regulations, organizational policies, or terms of service.

Overview

LLMReaper is a proof-of-concept security research demonstrating how browser extensions with standard DOM access can silently observe, capture, and scan AI platform conversations for accidentally exposed sensitive data without any special permissions, network interception, or privilege escalation.

Threat actors constantly upload malicious browser extensions mimicking the real thing and social engineer users on a large scale.

How it works

Note

Detailed blogpost : https://thewhiteh4t.github.io/blog/ai-chat-llmreaper/

  • An unpacked chrome extension is provided which shows the social engineering aspect as well as the conversation capture.
  • In chrome we can enable dev mode and load unpacked extensions.
  • After loading the extension we can simply switch to any of the supported platforms and begin talking
  • The extension will capture the chat in real time and will send it the backend
  • A set of regex matches are used to find secrets from the conversation

Supported Platforms

Platform Status
ChatGPT ✅ Supported
Claude ✅ Supported
Gemini ✅ Supported

Detection Coverage

The backend detection engine scans for:

  • API Keys — OpenAI, Anthropic, AWS, GCP, Azure, GitHub, Stripe, Twilio, and more
  • Authentication Tokens — JWTs, Bearer tokens, OAuth tokens, session cookies
  • Cloud Credentials — AWS access key IDs, secret keys, GCP service account keys
  • Secrets and Passwords — Common patterns in environment variables and config files
  • PII — Email addresses, phone numbers, SSNs, credit card patterns
  • Connection Strings — Database URIs, JDBC strings, Redis/MongoDB connection strings

Installation

Arch Linux

sudo pacman -S python-fastapi python-uvicorn

Debian / Ubuntu

sudo apt install python3-fastapi python3-uvicorn

Using pip

pip install fastapi uvicorn

Usage

Browser

  • Chrome -> Three dot menu -> Extensions -> Manage extensions
  • Turn on developer mode
  • Load unpacked extension -> Select LLMReaper/chrome_ext directory

Terminal

cd LLMReaper

python3 LLMReaper.py

Demo

YouTube

Created by Lohitya Pushkar (thewhiteh4t)

About

Passive LLM Conversation Capture & Sensitive Data Exposure Research

Topics

javascript python html privacy proof-of-concept poc browser-extension awareness browser-security malicious-extension llm llm-security llm-tools awareness-project awareness-training

Resources

Readme

License

MIT license
Activity

Stars

10 stars

Watchers

0 watching

Forks

0 forks
Report repository

Contributors

Languages