macOS
brew install hack-browser-datalocal Homebrew formula metadata
brew
Command-line tool for decrypting and exporting browser data. Version 1.1.0 via Homebrew; verified 2026-06-14.
install
brew install hack-browser-datalocal Homebrew formula metadata
overview
Command-line tool for decrypting and exporting browser data
history
HackBrowserData is a Go command-line security and forensics tool for decrypting and exporting browser data. Its package identity is straightforward: install one binary, point it at local browser profiles or archived profile data, and export passwords, cookies, history, bookmarks, downloads, storage, extensions, and related browser artifacts.
The public GitHub repository was created in June 2020. The README describes support for Chromium-based browsers and Firefox on Windows, macOS, and Linux, plus Safari on macOS, and includes a legal-use disclaimer aimed at security research.
The project evolved from local extraction into richer workflows. Release notes and README content show additions such as local storage export, pure-Go SQLite-related refactoring, optimized encryption/decryption modules, Safari support, Chromium App-Bound Encryption support, and cross-host decryption workflows.
Adoption is visible in the repository scale, release activity, and packaging through Homebrew. The tool appeals to incident-response, red-team, browser-forensics, and security-lab users because browser secrets and artifacts are spread across OS-specific stores, SQLite databases, browser profile layouts, keychains, and DPAPI-like mechanisms.
Cross-host decryption broadened its operational model: an origin host can export Chromium master keys and archive relevant profile files, while an analyst host restores and decrypts offline, even across operating systems for some browser families.
The default `dump` command extracts local browser data with flags for browser, category, output directory, format, profile path, macOS keychain password, verbosity, and zip output. Other commands list profiles, export master keys, archive decryption-relevant files, restore copied profile data with exported keys, and print version information.
Supported data categories include passwords, cookies, bookmarks, history, downloads, credit cards for Chromium-based browsers, extensions, localStorage, and sessionStorage where supported. The README notes platform-specific requirements such as Full Disk Access for Safari and extra payload support for some Chromium cookie decryption on Windows.
HackBrowserData is notable as a packaged security tool because it compresses many browser- and OS-specific storage rules into one CLI. For package users, the value is less about a library API and more about repeatable collection, export formats, cross-platform builds, and workflows that can be scripted during authorized investigations.
security posture
broad file, network, media, or database tool signal.
blue risk · medium confidence · tool
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
hack-browser-data | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/moonD4rk/HackBrowserData
install metadata
| Package key | brew:hack-browser-data |
|---|---|
| Version | 1.1.0 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/hack-browser-data |
| Homepage | https://github.com/moonD4rk/HackBrowserData |
| Repository | https://github.com/moonD4rk/HackBrowserData |
| Upstream docs | https://github.com/moonD4rk/HackBrowserData#readme |
| License | MIT |
| Source archive | https://github.com/moonD4rk/HackBrowserData/archive/refs/tags/v1.1.0.tar.gz |
| Last updated | 2026-06-14T12:11:17Z |
| Pulse | updated |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | hack-browser-data |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.