MITRE ATT&CK™ Sub-technique T1555.003
Just like other common programs and applications, most web browsers offer "credential saving" features allowing users to access restricted resources without supplying a username and password every time. The downside of this kind of features is that attackers that have access to the storage of these browsers can potentially extract those credentials and use them for credentials spraying, stuffing, and so forth.
There are other tools and modules that allow to operate browser credential dumping attacks like metasploit's
post/windows/gather/enum_chromemodules, firefox decrypt (Python) and chrome decrypter (Python). On Windows systems, browsers like Chrome, Brave and Opera rely on Windows's DPAPI to store credentials. Mimikatz (C) can then be used (e.g.