# T1217: Browser Bookmark Discovery

Adversaries may enumerate browser bookmarks to learn more about compromised hosts. Browser bookmarks may reveal personal information about users (ex: banking sites, interests, social media, etc.) as well as details about internal network resources such as servers, tools/dashboards, or other related infrastructure.

Browsers bookmarks may also highlight additional targets after an adversary has access to valid credentials, especially Credentials in Files associated with logins cached by a browser.

Specific storage locations vary based on platform and/or application, but browser bookmarks are typically stored in local files/databases.

**Example**

This varies in the search since Browser's have their own folders for saving files an example would be Firefox directory found here:: **%APPDATA%\Mozilla\Firefox\Profiles\\**

![](https://315180959-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MRh03Vwd4nuiUi3Oje7%2F-MS04YiM_ssDKyBZHpvW%2F-MS04sCYKWiieMQ8Qn8i%2Fimage.png?alt=media\&token=5230bf81-c8cb-4633-8d3f-df30ac106afd)