Demo Reports
This folder contains sanitized demo HTML reports generated by
infostealer_audit.py. All personal data has been replaced with
fictional placeholders (mario.rossi@gmail.com, demo-user,
DEMO-PC, example-employer.com, etc.).
They are provided so you can preview the report format and all nine
tabs without running the tool on your own machine first.
⚠️ Each report carries a blue DEMO REPORT banner at the top
reminding you the data is fictional.
Available reports
| File | Language | Report language tag |
|---|---|---|
| IT_infostealer_demo.html | 🇮🇹 Italiano | --lang it |
| EN_infostealer_demo.html | 🇬🇧 English | --lang en |
| FR_infostealer_demo.html | 🇫🇷 Français | --lang fr |
| DE_infostealer_demo.html | 🇩🇪 Deutsch | --lang de |
| ES_infostealer_demo.html | 🇪🇸 Español | --lang es |
Viewing locally: download the .html file and open it in any browser — it is fully self-contained (no external CSS/JS).
Viewing on GitHub: use the Raw button on the file page, then save-as to disk and open locally. GitHub does not render HTML files in the UI by design.
What each demo shows
Scenario
The fictional user mario.rossi has:
- Chrome 148 — 57 credentials, all v20-ABE protected (not decryptable by a user-mode infostealer).
- Edge 148 — 2 credentials, v10 (decryptable in seconds by any user-mode process).
- Both browsers are on the current stable version → risk score 1/10, decrypt difficulty VERY_HARD.
- A Discord token present in LevelDB (HIGH severity).
- Windows Credential Manager with 10 entries including GitHub, Microsoft Account, and an Epic Games SDK token.
Overall risk: LOW
Despite 57 v20-ABE protected credentials, the 2 unprotected Edge v10
credentials and the Discord token are enough to keep the overall risk
above ZERO. The fix recommendations tab lists exactly what to do.
How the demo was generated
# Generate one report per language (offline, no tool install)
py infostealer_audit.py --no-online --no-tools --lang it
py infostealer_audit.py --no-online --no-tools --lang en
py infostealer_audit.py --no-online --no-tools --lang fr
py infostealer_audit.py --no-online --no-tools --lang de
py infostealer_audit.py --no-online --no-tools --lang es
# Sanitize (remove personal data, add DEMO watermark, prefix filenames)
py sanitize_demo_reports.py
The sanitizer script (sanitize_demo_reports.py) applies ~30 regex
substitutions covering names, emails, usernames, device tokens, employer
URLs, medical-clinic URLs, school URLs, AppData paths, and android-scheme
credential keys.
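The sanitize-then-verify pattern described above, as an added sketch that is not the project's sanitize_demo_reports.py: the rules, the banner markup, and the function names `sanitize` and `residual_leaks` are assumptions, and the sample report text is constructed. The verify pass is deliberately independent of the substitution rules, so it reports values the rules failed to replace.

```python
import re

# Assumed rules for illustration only; the project's ~30 substitutions are not shown on this page.
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
USER_PATH = re.compile(r"(?i)([A-Z]:\\Users\\)([^\\/:*?\"<>|\r\n]+)")
DEMO_EMAIL, DEMO_USER, DEMO_HOST = "mario.rossi@gmail.com", "demo-user", "DEMO-PC"
BANNER = '<div class="demo-banner">DEMO REPORT - fictional data</div>'  # constructed markup


def sanitize(html: str, real_user: str, real_host: str) -> str:
    """Replace personal values with the fictional placeholders and add the banner."""
    html = EMAIL.sub(DEMO_EMAIL, html)
    # Profile directory inside Windows paths (covers AppData paths).
    html = USER_PATH.sub(lambda m: m.group(1) + DEMO_USER, html)
    # Known identifiers outside paths: whole-token, case-insensitive match.
    for real, fake in ((real_user, DEMO_USER), (real_host, DEMO_HOST)):
        html = re.sub(rf"(?i)(?<![\w-]){re.escape(real)}(?![\w-])", fake, html)
    return html.replace("<body>", "<body>" + BANNER, 1)


def residual_leaks(html: str, real_user: str, real_host: str) -> list[str]:
    """Independent check: list anything that still looks personal after sanitizing."""
    leaks = [e for e in EMAIL.findall(html) if e != DEMO_EMAIL]
    leaks += [m.group(2) for m in USER_PATH.finditer(html) if m.group(2) != DEMO_USER]
    # Plain substring search, so partial matches the rules skipped are still reported.
    for real in (real_user, real_host):
        if re.search(re.escape(real), html, re.IGNORECASE):
            leaks.append(real)
    return leaks


# Constructed sample standing in for a generated report.
SAMPLE = (
    "<html><body><p>Host: LAPTOP-7F3K user giulia</p>"
    "<p>C:\\Users\\giulia\\AppData\\Local\\Microsoft\\Edge\\User Data</p>"
    "<p>login: giulia.bianchi@example.org</p></body></html>"
)

if __name__ == "__main__":
    clean = sanitize(SAMPLE, "giulia", "LAPTOP-7F3K")
    leaks = residual_leaks(clean, "giulia", "LAPTOP-7F3K")
    print("[OK] clean" if not leaks else f"[FAIL] residual values: {leaks}")
```

A value such as `giulia_old` is skipped by the whole-token rule but still reported by `residual_leaks`, which is why the verify step should gate the commit.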
Re-generating the demos
If you have updated the tool and want to regenerate the demos:
- Run the tool on your own machine (not someone else's!).
- Run py sanitize_demo_reports.py to strip your personal data.
- Verify with the built-in check that prints [OK] ... pulito for each file.
- Move the files from reports/demo/ to wiki/demo-reports/ (the script writes to reports/demo/; you move them here afterwards).
- Commit only the five *_demo.html files.
Language auto-detection
When you run infostealer_audit.py without --lang, the tool reads
your Windows locale from the registry:
HKCU\Control Panel\International\LocaleName
If the locale maps to one of it, en, fr, de, es the report is
generated in that language automatically. Otherwise it defaults to
English.
You can always override with --lang:
py infostealer_audit.py --lang fr
py pwd_audit.py --lang de
Supported codes: it · en · fr · de (alias du) · es
See CLI Reference for the full flag list.