SharpChromium is a .NET 4.0+ CLR project to retrieve data from Google Chrome, Microsoft Edge, and Microsoft Edge Beta. Currently, it can extract:
Note: All cookies returned are in JSON format. If you have the extension Cookie Editor installed, you can simply copy and paste into the “Import” section of this browser addon to ride the extracted session.
Advantages
This rewrite has several advantages to previous implementations, which include:
Usage
Usage:
.\SharpChromium.exe arg0 [arg1 arg2 …]
Arguments:
all – Retrieve all Chromium Cookies, History and Logins.
full – The same as ‘all’
logins – Retrieve all saved credentials that have non-empty passwords.
history – Retrieve user’s history with a count of each time the URL was
visited, along with cookies matching those items.
cookies [domain1.com domain2.com] – Retrieve the user’s cookies in JSON format.
If domains are passed, then return only
cookies matching those domains. Otherwise,
all cookies are saved into a temp file of
the format “”%TEMP%\$browser-cookies.json””
Examples
Retrieve cookies associated with Google Docs and Github
.\SharpChromium.exe cookies docs.google.com github.com
Retrieve history items and their associated cookies.
.\SharpChromium.exe history
Retrieve saved logins (Note: Only displays those with non-empty passwords):
.\SharpChromium.exe logins
Notes on the SQLite Parser
The SQLite database parser is slightly bugged. This is due to the fact that the parser correctly detects data blobs as type System.Byte[], but it does not correctly detect columns of type System.Byte[].
As a result, the byte arrays get cast to the string literal “System.Byte[]”, which is wrong. I haven’t gotten to the root of this cause, but as a quick and dirty workaround I have encoded all blob values as Base64 strings.
Thus if you wish to retrieve a value from a column whose regular data values would be a byte array, you’ll need to Base64 decode them first.
In the realm of remote desktop management, evilrdp stands out as a powerful tool designed…
wa-tunnel is an innovative tool designed to tunnel TCP data through two WhatsApp accounts, leveraging…
Deepfake apps are sophisticated tools that utilize advanced AI algorithms, particularly Generative Adversarial Networks (GANs),…
Subdominator is a lightweight and fast tool designed for passive subdomain enumeration, primarily used in…
A critical vulnerability, CVE-2025-29927, has recently been identified in the Next.js ecosystem, allowing attackers to…
The Awesome-Redteam repository is a comprehensive collection of tools and resources designed for red teaming…