Brave Sessions

Overview

Evidence: Brave Sessions
Description: Collect Brave Sessions
Category: Applications
Platform: windows
Short Name: brvss
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

Browser sessions maintain active tab state, cookies, and authentication context. This data reveals currently active user sessions, open websites, and authenticated connections at the time of collection.

Data Collected

This collector gathers structured data about brave sessions.

Brave Sessions Data

Field	Description	Example
`ID`	ID	123
`WindowID`	Window ID	123
`Active`	Active	true
`Url`	Url	Example value
`Title`	Title	Example value
`Deleted`	Deleted	true
`Group`	Group	Example value
`History`	History	[]
`BrowserName`	Browser Name	Example value

Collection Method

This collector captures browser session data including active tabs, session cookies, and authentication state.

Forensic Value

Session analysis identifies active compromises, authenticated sessions to malicious sites, concurrent suspicious activities, and real-time indicators of ongoing attacks. Analysts can detect active C2 connections, authenticated malware communications, and live attacker sessions.