Art.BrowserCookies 0.49.0

.NET 8.0

dotnet add package Art.BrowserCookies --version 0.49.0

NuGet\Install-Package Art.BrowserCookies -Version 0.49.0

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="Art.BrowserCookies" Version="0.49.0" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageVersion Include="Art.BrowserCookies" Version="0.49.0" />
                    

                            Directory.Packages.props

<PackageReference Include="Art.BrowserCookies" />
                    

                            Project file

For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.

paket add Art.BrowserCookies --version 0.49.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: Art.BrowserCookies, 0.49.0"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

#:package Art.BrowserCookies@0.49.0

#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.

#addin nuget:?package=Art.BrowserCookies&version=0.49.0
                    

                            Install as a Cake Addin

#tool nuget:?package=Art.BrowserCookies&version=0.49.0
                    

                            Install as a Cake Tool

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Art.BrowserCookies

Art.BrowserCookies provides rudimentary support for cookie extraction on select browsers. It is a part of the Art archival package set.

Browser Support

Browser / Platform	Chrome	Edge
Windows	v10[1], v20[1], DPAPI[1]	v10[1], v20[1], DPAPI[1]
macOS	v10[2]	v10[2]

[1] v10, v20, and DPAPI refer to cookie encryption types; v10 and v20 are used as prefixes with potentially browser-specific encryption procedures, while DPAPI refers to straightforward decryption as-is via Windows's Data Protection API

[2] v10 refers to a cookie encryption type; v10 is used as a prefix, with a key retrieved from Keychain

Elevation for Decryption

v20 cookies on Windows Chromium browsers go through the System account for encryption, and decryption requires a process to run under that account for the right DPAPI context. A helper Windows PowerShell (not PowerShell Core) script is embedded in this library which includes the Invoke-CommandAs library and a small job which will ultimately execute a decryption via the System account. Getting the job scheduled requires elevation to administrator, so the PowerShell process that runs the helper script is elevated which will trigger a UAC prompt if those are enabled.

v10 cookies on macOS go through Keychain, specifically via the security CLI which accesses the browser's store in Keychain. This will trigger a privilege check with an option to always allow the calling program access to that store. Do not select Always Allow, as the permissions are being granted to the security utility.

Resources

Windows v10 key source

Windows v20 keys (runassu Python PoC)

(Further explanation)

Google Security Blog - Improving the security of Chrome cookies on Windows

Product	Compatible and additional computed target framework versions.
.NET	net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed.

Product

.NET

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

net10.0
- Art (>= 0.49.0)
- Microsoft.Data.Sqlite (>= 10.0.2)
- System.Security.Cryptography.ProtectedData (>= 10.0.2)
net8.0
- Art (>= 0.49.0)
- Microsoft.Data.Sqlite (>= 10.0.2)
- System.Security.Cryptography.ProtectedData (>= 10.0.2)

NuGet packages (2)

Showing the top 2 NuGet packages that depend on Art.BrowserCookies:

Package	Downloads
Art.Http Artifact retrieval toolkit (HTTP variants)	5.1K
Art.Tesler Artifact retrieval toolkit (command-line support)	87

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last Updated
0.49.0	151	2/4/2026
0.48.0	601	2/16/2023
0.47.1	381	2/16/2023
0.47.0	500	2/16/2023
0.46.0	538	1/31/2023
0.45.0	532	1/29/2023
0.44.0	575	1/28/2023