# Chromium Sessions

## Overview

**Evidence:** Chromium Sessions\
**Description:** Collect Chromium Sessions\
**Category:** Applications\
**Platform:** linux\
**Short Name:** chmss\
**Is Parsed:** Yes\
**Sent to Investigation Hub:** Yes\
**Collect File(s):** No

## Background

Browser sessions maintain active tab state, cookies, and authentication context. This data reveals currently active user sessions, open websites, and authenticated connections at the time of collection.

## Data Collected

This collector gathers structured data about chromium sessions.

## Collection Method

This collector captures browser session data including active tabs, session cookies, and authentication state.

## Forensic Value

Session analysis identifies active compromises, authenticated sessions to malicious sites, concurrent suspicious activities, and real-time indicators of ongoing attacks. Analysts can detect active C2 connections, authenticated malware communications, and live attacker sessions.