cLeapp

cLeapp is a forensic utility developed by Mark McKinnon that extracts, parses and presents chronological artefacts from Google Chrome browser installations. Written for investigators, incident-response teams and compliance auditors, the open-source tool ingests raw Chrome logs, SQLite databases, LevelDB folders and Protobuf-encoded session files, then converts them into human-readable timelines, CSV tables or JSON feeds that can be imported into wider forensic suites. Typical use cases include reconstructing a suspect’s browsing activity after a security breach, validating whether sensitive data was accessed from a managed endpoint, or simply auditing employee web usage against corporate policy. Because Chrome stores history, downloads, favicons, cache, cookies, extension activity, autofill data and even crash dumps in a variety of inter-related formats, cLeapp automates the correlation process and flags anomalies such as cleared sessions, back-dated timestamps or tampered protobuf blobs. The parser respects the typed fields defined in Chromium’s source code, ensuring that decoded integers, enums and nested messages map accurately to their intended meaning. Released in a single stable build numbered 1.0, the utility is distributed as a portable Windows executable with no installation footprint, making it suitable for runtime on live systems or dead-box disk images. The software falls under the “Forensic Software” category and is maintained as a solo project on the author’s public repository, where the standalone binary is updated only when internal format changes in Chrome necessitate refreshed decoding logic. cLeapp is available for free on get.nero.com, with downloads provided via trusted Windows package sources such as winget, always delivering the latest version and supporting batch installation of multiple applications.

Tags: