From 013ca8c68b46089d8483b832fab7490ce3bd52b1 Mon Sep 17 00:00:00 2001
From: SolitudePy <47316655+SolitudePy@users.noreply.github.com>
Date: Fri, 27 Sep 2024 01:56:51 +0300
Subject: [PATCH 1/2] Added LocalSystem chrome history

---
 Targets/Browsers/Chrome.tkape | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Targets/Browsers/Chrome.tkape b/Targets/Browsers/Chrome.tkape
index ec17d8dad..8577b20d2 100644
--- a/Targets/Browsers/Chrome.tkape
+++ b/Targets/Browsers/Chrome.tkape
@@ -201,6 +201,11 @@ Targets:
         Path: C:\Users\%user%\AppData\Roaming\Microsoft\Protect\*\
         Recursive: true
         Comment: "Required for offline decryption"
+    -
+        Name: SYSTEM Chrome History
+        Category: Communications
+        Path: C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\*\
+        FileMask: History*
 
 # Documentation
 # https://nasbench.medium.com/web-browsers-forensics-7e99940c579a

From ad5aded37cdf6d1367502ceaf763c2dbb9941267 Mon Sep 17 00:00:00 2001
From: Andrew Rathbun <36825567+AndrewRathbun@users.noreply.github.com>
Date: Thu, 26 Sep 2024 20:54:27 -0400
Subject: [PATCH 2/2] Update Chrome.tkape

---
 Targets/Browsers/Chrome.tkape | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Targets/Browsers/Chrome.tkape b/Targets/Browsers/Chrome.tkape
index 8577b20d2..f245ee854 100644
--- a/Targets/Browsers/Chrome.tkape
+++ b/Targets/Browsers/Chrome.tkape
@@ -201,6 +201,12 @@ Targets:
         Path: C:\Users\%user%\AppData\Roaming\Microsoft\Protect\*\
         Recursive: true
         Comment: "Required for offline decryption"
+    -
+        Name: Chrome Snapshots Folder
+        Category: Communications
+        Path: C:\Users\%user%\AppData\Local\Google\Chrome\User Data\Snapshots\*\
+        Recursive: true
+        Comment: "Grabs folder that appears to have snapshots of Chrome SQLite DBs organized by version #."
     -
         Name: SYSTEM Chrome History
         Category: Communications