// the find
byt3bl33d3r/chrome-decrypter
Python script to decrypt saved Chrome usernames and passwords on windows
Single-file Python script that decrypts Chrome's saved credentials on Windows by reading from the SQLite login database and using DPAPI or AES-GCM depending on Chrome version. Targets security researchers and pen testers who need local credential extraction without pulling in a full post-exploitation framework.
Handles both the pre-v80 DPAPI path and the post-v80 AES-256-GCM path that Chrome introduced when it started encrypting the key in Local State. Ships a pre-built .exe for environments without a Python toolchain. Pipfile pins dependencies so the environment is reproducible. The core logic is short enough to read and audit in five minutes.
Last touched April 2021 — Chrome's credential storage has continued to evolve and this almost certainly breaks on current versions. Ships a pre-built binary in the repo with no way to verify it matches the source, which is a supply-chain red flag for a tool that reads passwords. No error handling: if Chrome is open and has the DB locked, it silently fails. Zero test coverage and no CI.