Cryptr a shell utility for encrypting and decrypting files with OpenSSL
OpenSSL wrapper with shred prompts, but age and gpg already exist.
Firefox profile decryption tool and master password cracker.
Fills the gap Hashcat left by supporting Firefox's latest SHA384 salt formats.
Security researchers, penetration testers, forensic analysts
Hashcat · John the Ripper
The actual decryption process is explained in detail in the README if anyone is curious and would like to learn more about how it works.
Important features:
- Supports the latest versions of Firefox, which use SHA384 to derive the PBKDF2 input. The correct hash type is automatically selected.
- Multi-core cracking of the master password is supported using wordlists. (why is this useful? : hashcat and JTR cannot be used to crack the master password as they do not support the latest hash and global salt formats)
Demo:
≻ ./mozdmp data/psw_1looove/key4.db data/psw_1looove/logins.json [*] Checking Master Password... >> Check Master Password == '' ... NO [*] Attempting to crack master password... [+] Multi-Core Enabled [?] Enter wordlist path: rockyou.txt [?] Workers (default 20): [*] Loading wordlist...
W0: 2407/717220 [00:11<56:18, 211.60pwd/s] W15: 2325/717220 [00:11<56:54, 209.39pwd/s] W8: 2278/717220 [00:11<58:55, 202.20pwd/s] W3: 2608/717220 [00:11<51:47, 229.99pwd/s] ... (workers W0-W19)
[+] FOUND MASTER KEY: 1looove
[*] KDF Parameters: { "salt": "2a24f5f8ec2fc74eccd6fa396f11aa34f1c8d3de269af38ca1324539ec5a4894", "iterations": 10000, "keylen": 32 }
[*] AES Parameters: { "iv": "040ed33681631562b28ee4494725e9bc" }
[*] Global salt: 733f22304895df339a778680cbda652191f0b46fd240f1340b81e79c4997dcac11b25b897bc779cdbad0eb6cbe1696e5 [*] KDF input (SHA384(global_salt + password)): aa5bf320258a8f9c10dc1a23dc415e3143d258c36c3218018672f0df1a6b9edb3174198700bf463201e8017d7f42767e [+] Decrypted AES key: 462f7891ab8e708c1a93122a3b2857a5b016472b9d58cb40b52449db64e4a68a
[*] Decrypting passwords from logins...
Hostname: https://auth.wikimedia.org Username: joog Password: boog Created At: 08 June 2026 11:40
If you find this interesting, you may also like chrdmp - a similar tool used to decrypt chrome profile data offline using the Chrome Safe Storage keyring secret. You can see it at https://github.com/asaix/chrdmp.OpenSSL wrapper with shred prompts, but age and gpg already exist.
Matrix-based pinentry for remote server decryption is genuinely clever for headless boot.
Rust-powered JSON graph viewer that handles massive files without Electron bloat or browser crashes.
mTLS + XOR key splitting beats dropbear SSH for remote FDE unlock.
Keys in URL hash means server literally cannot decrypt — crypto challenge proves it.
Browser-native encrypted files, no app needed, works offline permanently.