Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2025 All Rights Reserved.

Home
Category
Chrome-App-Bound-Encryption-Decryption

Chrome-App-Bound-Encryption-Decryption

Decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface bypassing path validation and encryption protections.

image for Chrome-App-Bound-Encryption-Decryption

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

Incident Response Tools
Penetration Testing
Security Research

Tags

Application Security
Exploit Development
Security Auditing
Open Source
Incident Response

More Products

image of Phantom

DevSecOps ToolsPenetration TestingVulnerability Scanners

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security Auditing Open Source Incident Response Vulnerability Scanning API Security+1

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt Injection Generative AI Red Team Testing Data Poisoning

PINT Benchmark

A benchmark for prompt injection detection systems, providing a neutral way to evaluate their performance.

Prompt Injection Model Robustness Security Auditing

Chrome App-Bound Encryption Decryption

This tool is designed to decrypt App-Bound Encrypted (ABE) keys stored in Chromium-based browsers like Chrome, Brave, and Edge. It utilizes the IElevator COM interface to bypass path validation and encryption protections introduced in Chrome 127.

Key Features:

Bypass Path Validation: Injects a DLL into the browser process to call IElevator without requiring administrative privileges.
Multiple Injection Methods: Supports various methods for DLL injection, including stealth options.
Verbose Debugging: Offers extensive debugging output to assist in troubleshooting.
Auto-Start Browser: Can automatically launch the browser if it is not already running.
Process Cleanup: Optionally cleans up processes after decryption.

Benefits:

Research and Education: Intended for cybersecurity research and educational purposes, ensuring compliance with legal guidelines.
User-Friendly: Simple command-line interface for ease of use.

Highlights:

Supports Chrome, Brave, and Edge browsers.
Requires the target browser to be running unless using the --start-browser option.
New features in v0.4 include selectable injection methods and improved code refactoring.