finds.dev← search

// the find

byt3bl33d3r/chrome-decrypter

★ 288 · Python · updated Apr 2021

Python script to decrypt saved Chrome usernames and passwords on windows

Single-file Python script that decrypts Chrome's saved credentials on Windows by reading from the SQLite login database and using DPAPI or AES-GCM depending on Chrome version. Targets security researchers and pen testers who need local credential extraction without pulling in a full post-exploitation framework.

Handles both the pre-v80 DPAPI path and the post-v80 AES-256-GCM path that Chrome introduced when it started encrypting the key in Local State. Ships a pre-built .exe for environments without a Python toolchain. Pipfile pins dependencies so the environment is reproducible. The core logic is short enough to read and audit in five minutes.

Last touched April 2021 — Chrome's credential storage has continued to evolve and this almost certainly breaks on current versions. Ships a pre-built binary in the repo with no way to verify it matches the source, which is a supply-chain red flag for a tool that reads passwords. No error handling: if Chrome is open and has the DB locked, it silently fails. Zero test coverage and no CI.

View on GitHub →

// want more like this?

We dig through GitHub every week and send a few repos picked for what you actually care about — each with an honest take like this one.

Get finds in your inbox → Search again →