galleta

Parse IE cookies

$ galleta [index.dat]

$ galleta [index.dat] > [cookies.txt]

$ galleta -d [index.dat]

galleta [options] file

galleta is a digital forensics tool that parses Internet Explorer cookie files. It extracts cookie data including domains, paths, values, and timestamps from index.dat files.
The tool produces human-readable or delimited output for analysis. It's used in forensic investigations to examine web browsing history and user activity.
galleta handles the binary index.dat format used by older versions of Internet Explorer.

FILE

Internet Explorer cookie file (index.dat).

Delimited output for spreadsheets.

Display help information.

Only for IE index.dat format. Modern browsers use different formats. File must be accessible (not locked).

galleta (Spanish for "cookie") is part of forensic toolkit collections for analyzing Internet Explorer artifacts. It parses the proprietary index.dat format used by IE for cookie storage.

pasco(1), strings(1)