Chromepass is a Python-based tool that extracts and decrypts saved passwords and cookies from Chromium-based browsers on Windows.
Chromepass - Hacking Chrome Saved Passwords
This tool is primarily used by security researchers and penetration testers to audit and demonstrate the risks of stored browser credentials. It generates a Windows executable that can remotely exfiltrate decrypted login credentials and cookies from popular Chromium browsers, aiding in identity and access management security assessments.
This tool targets Windows platforms and requires Python 3.9 or higher. It is recommended to run and build the tool within a Windows VM to avoid compatibility issues. Users should be aware that antivirus detection rates may increase over time, so testing on their own builds is advised. Ethical use is critical, as this tool can be used maliciously to steal credentials.
Ensure Python 3.9+ is installed
Perform installation inside a Windows virtual machine for best compatibility
Clone the repository from GitHub
Install any required Python dependencies as specified (not fully detailed in README)
Build the Windows executable using the provided scripts or instructionspython chromepass.py
Run the main Python script to generate the Windows executable for password extraction
Customize executable with custom icon, error message, and port via script options
Modify build parameters to tailor the generated executable's appearance and network behavior