{"id":15080596,"url":"https://github.com/prvvv/chromeforensics","last_synced_at":"2026-01-03T10:14:33.238Z","repository":{"id":246664218,"uuid":"821786134","full_name":"Prvvv/ChromeForensics","owner":"Prvvv","description":"Different code samples for Chrome browser analysis \u0026 post exploitation","archived":false,"fork":false,"pushed_at":"2024-06-29T13:08:13.000Z","size":10,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-23T03:28:54.575Z","etag":null,"topics":["chrome","chrome-devtools","exploit","forensic","forensics","forensics-tools","hacking","password","post-exploitation"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Prvvv.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-29T12:34:08.000Z","updated_at":"2024-08-29T17:27:19.000Z","dependencies_parsed_at":"2024-06-29T14:22:59.578Z","dependency_job_id":null,"html_url":"https://github.com/Prvvv/ChromeForensics","commit_stats":null,"previous_names":["prvvv/chromeforensics"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prvvv%2FChromeForensics","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prvvv%2FChromeForensics/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prvvv%2FChromeForensics/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prvvv%2FChromeForensics/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Prvvv","download_url":"https://codeload.github.com/Prvvv/ChromeForensics/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243896291,"owners_count":20365352,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chrome","chrome-devtools","exploit","forensic","forensics","forensics-tools","hacking","password","post-exploitation"],"created_at":"2024-09-25T05:02:27.464Z","updated_at":"2026-01-03T10:14:33.227Z","avatar_url":"https://github.com/Prvvv.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ChromeForensics\nDifferent code samples for Chrome browser analysis \u0026amp; post exploitation\n\n\u003e ChromeForensics should ***NOT*** be used for the purposes of unethical system hijacking or doxxing, and was made with the intentions of security research, pentests and data analysis. Any issues or complaints: prv@anche.no\n\n## Overview \u0026 Purpose\n\nThese samples are designed for finding and analysing different sources of data extracted from a ***Windows based Google Chrome browser***, the samples listed are designed to fetch and format data from the target systems internal files and locally stored cache.\nThey are designed for researchers and cyber security professionals to effectively and quickly extract sensitive data from a chrome profile and format them in a timebased, analytical state.\n\n## Samples and usage\n\n![](https://i.ibb.co/8612gMR/chromepost.png)\n\nChromeForensics samples are capable of harvesting the following data from a chrome profile\n\n### The Browsers Installation \u0026 Default state.  \nIt can detect whether Google Chrome is installed and if it is currently being used as the default browser on the system \n\n### Profile/User image\nIt can download the users currently used profile image locally from Chromes cache to the desktop \n\n### Extentions\nWhat browser extentions the user currently has installed on their Google Chrome profile\n\n### Bookmarks\nWhat bookmarks the user has added on their topbar within the browser\n\n![](https://i.ibb.co/BPTF6b0/bookmark.png)\n\n### Download History\nAll of the users recent and old download history, including links, timestamps and external sources\n\n### Search History\nAll of the users search history from within the systems cache and default browser settings including timestamps, urls and visited 3rd party redirects\n\n![](https://i.ibb.co/jhHMZMV/passwords.png)\n\n### Saved Passwords \u0026 Login History\nAll of the users 'kept' site logins, along with password hashes, full urls, timestamps and when the login was created on the system\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprvvv%2Fchromeforensics","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprvvv%2Fchromeforensics","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprvvv%2Fchromeforensics/lists"}