cookietuner 0.1.1__tar.gz

cookietuner-0.1.1/PKG-INFO

@@ -0,0 +1,125 @@
+Metadata-Version: 2.4
+Name: cookietuner
+Version: 0.1.1
+Summary: Extract and display cookies from macOS browsers (Chrome, Safari)
+Keywords: cookies,browser,chrome,safari,macos,cli
+Author: David Poblador i Garcia
+Author-email: David Poblador i Garcia <david@poblador.com>
+License-Expression: MIT
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Environment :: MacOS X
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: MacOS
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Internet :: WWW/HTTP
+Classifier: Topic :: Security
+Classifier: Topic :: Utilities
+Requires-Dist: cryptography>=46.0.3
+Requires-Dist: pydantic>=2.12.5
+Requires-Dist: typer>=0.21.1
+Requires-Python: >=3.14
+Project-URL: Homepage, https://github.com/alltuner/cookietuner
+Project-URL: Documentation, https://cookietuner.alltuner.com
+Project-URL: Repository, https://github.com/alltuner/cookietuner
+Project-URL: Issues, https://github.com/alltuner/cookietuner/issues
+Description-Content-Type: text/markdown
+
+# cookietuner
+
+A command-line tool to extract and display cookies from macOS browsers.
+
+## Installation
+
+The easiest way to run cookietuner is with [uv](https://docs.astral.sh/uv/):
+
+```bash
+uvx cookietuner
+```
+
+Or install it permanently:
+
+```bash
+uv tool install cookietuner
+```
+
+## Usage
+
+### List cookies
+
+```bash
+# Chrome cookies (browser is required)
+cookietuner cookies -b chrome
+
+# Safari cookies
+cookietuner cookies -b safari
+
+# Filter by domain
+cookietuner cookies -b chrome -d google.com
+
+# Use a specific Chrome profile
+cookietuner cookies -b chrome -p "Profile 1"
+```
+
+### Output formats
+
+```bash
+# Full table with all details (default)
+cookietuner cookies -b chrome -o table
+
+# Short table with just domain, name, value
+cookietuner cookies -b chrome -o short
+
+# Space-separated line format (for scripting)
+cookietuner cookies -b chrome -o line
+
+# JSON output
+cookietuner cookies -b chrome -o json
+```
+
+### List browser profiles
+
+```bash
+# List all profiles
+cookietuner profiles
+
+# Filter by browser
+cookietuner profiles -b chrome
+```
+
+## Features
+
+- **Chrome support**: Decrypts cookies using macOS Keychain, supports Chrome 130+ format
+- **Safari support**: Parses the binary cookies format with SameSite detection
+- **Multiple output formats**: table, short, and JSON
+- **Domain filtering**: Filter cookies by partial domain match
+- **Profile selection**: Choose which browser profile to read from
+- **Cookie metadata**: Shows expiration, Secure, HttpOnly, and SameSite flags
+
+## Requirements
+
+- macOS (the tool only works on macOS)
+- Python 3.14+
+- Chrome and/or Safari browser
+
+## Development
+
+```bash
+# Clone the repository
+git clone https://github.com/alltuner/cookietuner.git
+cd cookietuner
+
+# Install dependencies
+uv sync
+
+# Run tests
+uv run pytest
+
+# Run the CLI
+uv run cookietuner
+```
+
+## License
+
+MIT

cookietuner-0.1.1/README.md

@@ -0,0 +1,97 @@
+# cookietuner
+
+A command-line tool to extract and display cookies from macOS browsers.
+
+## Installation
+
+The easiest way to run cookietuner is with [uv](https://docs.astral.sh/uv/):
+
+```bash
+uvx cookietuner
+```
+
+Or install it permanently:
+
+```bash
+uv tool install cookietuner
+```
+
+## Usage
+
+### List cookies
+
+```bash
+# Chrome cookies (browser is required)
+cookietuner cookies -b chrome
+
+# Safari cookies
+cookietuner cookies -b safari
+
+# Filter by domain
+cookietuner cookies -b chrome -d google.com
+
+# Use a specific Chrome profile
+cookietuner cookies -b chrome -p "Profile 1"
+```
+
+### Output formats
+
+```bash
+# Full table with all details (default)
+cookietuner cookies -b chrome -o table
+
+# Short table with just domain, name, value
+cookietuner cookies -b chrome -o short
+
+# Space-separated line format (for scripting)
+cookietuner cookies -b chrome -o line
+
+# JSON output
+cookietuner cookies -b chrome -o json
+```
+
+### List browser profiles
+
+```bash
+# List all profiles
+cookietuner profiles
+
+# Filter by browser
+cookietuner profiles -b chrome
+```
+
+## Features
+
+- **Chrome support**: Decrypts cookies using macOS Keychain, supports Chrome 130+ format
+- **Safari support**: Parses the binary cookies format with SameSite detection
+- **Multiple output formats**: table, short, and JSON
+- **Domain filtering**: Filter cookies by partial domain match
+- **Profile selection**: Choose which browser profile to read from
+- **Cookie metadata**: Shows expiration, Secure, HttpOnly, and SameSite flags
+
+## Requirements
+
+- macOS (the tool only works on macOS)
+- Python 3.14+
+- Chrome and/or Safari browser
+
+## Development
+
+```bash
+# Clone the repository
+git clone https://github.com/alltuner/cookietuner.git
+cd cookietuner
+
+# Install dependencies
+uv sync
+
+# Run tests
+uv run pytest
+
+# Run the CLI
+uv run cookietuner
+```
+
+## License
+
+MIT

cookietuner-0.1.1/pyproject.toml

@@ -0,0 +1,50 @@
+[project]
+name = "cookietuner"
+version = "0.1.1"
+description = "Extract and display cookies from macOS browsers (Chrome, Safari)"
+readme = "README.md"
+license = "MIT"
+authors = [
+    { name = "David Poblador i Garcia", email = "david@poblador.com" }
+]
+requires-python = ">=3.14"
+keywords = ["cookies", "browser", "chrome", "safari", "macos", "cli"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Environment :: Console",
+    "Environment :: MacOS X",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: MacOS",
+    "Programming Language :: Python :: 3.14",
+    "Topic :: Internet :: WWW/HTTP",
+    "Topic :: Security",
+    "Topic :: Utilities",
+]
+dependencies = [
+    "cryptography>=46.0.3",
+    "pydantic>=2.12.5",
+    "typer>=0.21.1",
+]
+
+[project.urls]
+Homepage = "https://github.com/alltuner/cookietuner"
+Documentation = "https://cookietuner.alltuner.com"
+Repository = "https://github.com/alltuner/cookietuner"
+Issues = "https://github.com/alltuner/cookietuner/issues"
+
+[project.scripts]
+cookietuner = "cookietuner:main"
+
+[build-system]
+requires = ["uv_build>=0.9.0,<0.10.0"]
+build-backend = "uv_build"
+
+[dependency-groups]
+dev = [
+    "mkdocs>=1.6.1",
+    "mkdocs-material>=9.7.1",
+    "prek>=0.3.0",
+    "pytest>=9.0.2",
+    "ruff>=0.14.14",
+]

cookietuner-0.1.1/src/cookietuner/__init__.py

@@ -0,0 +1,6 @@
+# ABOUTME: Cookie extraction tool for macOS browsers
+# ABOUTME: Entry point that re-exports the CLI main function
+
+from .cli import main
+
+__all__ = ["main"]

cookietuner-0.1.1/src/cookietuner/chrome.py

@@ -0,0 +1,223 @@
+# ABOUTME: Chrome cookie extraction for macOS
+# ABOUTME: Reads and decrypts cookies from Chrome's SQLite database
+
+import shutil
+import sqlite3
+import subprocess
+import tempfile
+from datetime import datetime, timedelta, timezone
+from hashlib import pbkdf2_hmac
+from pathlib import Path
+
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+
+from .models import BrowserProfile, Cookie
+
+# Chrome uses microseconds since Jan 1, 1601 (Windows epoch)
+CHROME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
+
+SAME_SITE_MAP: dict[int, str | None] = {
+    -1: None,
+    0: "none",
+    1: "lax",
+    2: "strict",
+}
+
+CHROME_BASE_PATH = Path.home() / "Library/Application Support/Google/Chrome"
+
+
+def list_profiles() -> list[BrowserProfile]:
+    """Lists all available Chrome profiles."""
+    profiles = []
+
+    if not CHROME_BASE_PATH.exists():
+        return profiles
+
+    for item in CHROME_BASE_PATH.iterdir():
+        if item.is_dir():
+            cookies_file = item / "Cookies"
+            if cookies_file.exists():
+                # "Default" is the main profile, others are "Profile 1", "Profile 2", etc.
+                profile_name = item.name
+                if profile_name == "Default":
+                    profile_name = "Default"
+                profiles.append(
+                    BrowserProfile(
+                        browser="chrome",
+                        profile_name=profile_name,
+                        path=str(item),
+                    )
+                )
+
+    return profiles
+
+
+def _get_cookie_path(profile: str = "Default") -> Path:
+    """Returns the path to Chrome's cookie database for a given profile."""
+    return CHROME_BASE_PATH / profile / "Cookies"
+
+
+def _get_encryption_key() -> bytes:
+    """Retrieves Chrome's encryption key from macOS Keychain."""
+    result = subprocess.run(
+        [
+            "security",
+            "find-generic-password",
+            "-s",
+            "Chrome Safe Storage",
+            "-w",
+        ],
+        capture_output=True,
+        text=True,
+        check=True,
+    )
+    password = result.stdout.strip()
+
+    # Derive the key using PBKDF2
+    # Chrome uses "saltysalt" as salt and 1003 iterations on macOS
+    key = pbkdf2_hmac(
+        "sha1",
+        password.encode("utf-8"),
+        b"saltysalt",
+        1003,
+        dklen=16,
+    )
+    return key
+
+
+def _decrypt_value(encrypted_value: bytes, key: bytes, strip_hash: bool) -> str:
+    """Decrypts a Chrome cookie value."""
+    if not encrypted_value:
+        return ""
+
+    # Chrome prepends 'v10' to encrypted values on macOS
+    if encrypted_value[:3] == b"v10":
+        encrypted_value = encrypted_value[3:]
+
+        # Chrome uses AES-128-CBC with a 16-byte IV of spaces
+        iv = b" " * 16
+        cipher = Cipher(
+            algorithms.AES(key),
+            modes.CBC(iv),
+            backend=default_backend(),
+        )
+        decryptor = cipher.decryptor()
+        decrypted = decryptor.update(encrypted_value) + decryptor.finalize()
+
+        # Remove PKCS7 padding
+        padding_len = decrypted[-1]
+        decrypted = decrypted[:-padding_len]
+
+        # Chrome 130+ (DB version >= 24) prepends SHA256 hash of domain (32 bytes)
+        if strip_hash:
+            decrypted = decrypted[32:]
+
+        return decrypted.decode("utf-8")
+
+    # Unencrypted value (older Chrome versions)
+    return encrypted_value.decode("utf-8")
+
+
+def _get_db_version(cursor: sqlite3.Cursor) -> int:
+    """Gets the cookie database version from the meta table."""
+    cursor.execute("SELECT value FROM meta WHERE key='version'")
+    row = cursor.fetchone()
+    return int(row[0]) if row else 0
+
+
+def _chrome_time_to_datetime(chrome_time: int) -> datetime | None:
+    """Converts Chrome's timestamp (microseconds since 1601) to datetime."""
+    if chrome_time == 0:
+        return None
+    try:
+        seconds = chrome_time / 1_000_000
+        return CHROME_EPOCH + timedelta(seconds=seconds)
+    except (ValueError, OverflowError):
+        return None
+
+
+def get_cookies(
+    domain: str | None = None,
+    profile: str = "Default",
+) -> list[Cookie]:
+    """
+    Reads cookies from Chrome's cookie database.
+
+    Args:
+        domain: If specified, only return cookies matching this domain.
+                Matches if the domain contains this string.
+        profile: Chrome profile to read from (default: "Default").
+
+    Returns:
+        List of Cookie objects.
+    """
+    cookie_path = _get_cookie_path(profile)
+
+    if not cookie_path.exists():
+        return []
+
+    key = _get_encryption_key()
+
+    # Copy the database to avoid locking issues while Chrome is running
+    with tempfile.NamedTemporaryFile(delete=False, suffix=".db") as tmp:
+        tmp_path = Path(tmp.name)
+
+    try:
+        shutil.copy2(cookie_path, tmp_path)
+
+        conn = sqlite3.connect(tmp_path)
+        cursor = conn.cursor()
+
+        # Check if we need to strip the hash prefix (Chrome 130+)
+        db_version = _get_db_version(cursor)
+        strip_hash = db_version >= 24
+
+        query = """
+            SELECT host_key, name, encrypted_value, path,
+                   expires_utc, is_secure, is_httponly, samesite
+            FROM cookies
+        """
+        params: tuple[str, ...] = ()
+
+        if domain:
+            query += " WHERE host_key LIKE ?"
+            params = (f"%{domain}%",)
+
+        cursor.execute(query, params)
+        rows = cursor.fetchall()
+        conn.close()
+
+        cookies = []
+        for (
+            host_key,
+            name,
+            encrypted_value,
+            path,
+            expires_utc,
+            is_secure,
+            is_httponly,
+            samesite,
+        ) in rows:
+            try:
+                value = _decrypt_value(encrypted_value, key, strip_hash)
+                cookies.append(
+                    Cookie(
+                        domain=host_key,
+                        name=name,
+                        value=value,
+                        path=path,
+                        expires=_chrome_time_to_datetime(expires_utc),
+                        is_secure=bool(is_secure),
+                        is_httponly=bool(is_httponly),
+                        same_site=SAME_SITE_MAP.get(samesite, "unspecified"),
+                    )
+                )
+            except Exception:
+                # Skip cookies that fail to decrypt
+                pass
+
+        return cookies
+
+    finally:
+        tmp_path.unlink(missing_ok=True)

cookietuner-0.1.1/src/cookietuner/cli.py

@@ -0,0 +1,163 @@
+# ABOUTME: Command-line interface using Typer
+# ABOUTME: Provides commands to list and extract browser cookies
+
+import json
+import sys
+from enum import Enum
+
+import typer
+from rich.console import Console
+from rich.table import Table
+
+from . import chrome, safari
+
+app = typer.Typer(help="Extract cookies from your browsers", no_args_is_help=True)
+console = Console()
+
+
+def _check_macos() -> None:
+    """Ensure we're running on macOS."""
+    if sys.platform != "darwin":
+        console.print("[red]Error: cookietuner only supports macOS[/red]")
+        raise typer.Exit(1)
+
+
+@app.callback()
+def main_callback() -> None:
+    """Check platform before running any command."""
+    _check_macos()
+
+
+class Browser(str, Enum):
+    chrome = "chrome"
+    safari = "safari"
+
+
+class OutputFormat(str, Enum):
+    table = "table"
+    short = "short"
+    line = "line"
+    json = "json"
+
+
+@app.command()
+def cookies(
+    browser: Browser = typer.Option(
+        ..., "--browser", "-b", help="Browser to extract from"
+    ),
+    domain: str | None = typer.Option(
+        None, "--domain", "-d", help="Filter by domain (partial match)"
+    ),
+    profile: str = typer.Option(
+        "Default", "--profile", "-p", help="Browser profile name"
+    ),
+    output: OutputFormat = typer.Option(
+        OutputFormat.table, "--output", "-o", help="Output format"
+    ),
+) -> None:
+    """List cookies from a browser."""
+    if browser == Browser.chrome:
+        cookie_list = chrome.get_cookies(domain=domain, profile=profile)
+    elif browser == Browser.safari:
+        cookie_list = safari.get_cookies(domain=domain)
+
+    if not cookie_list:
+        if output == OutputFormat.json:
+            print("[]")
+        elif output == OutputFormat.line:
+            pass  # No output for line format when empty
+        else:
+            console.print("[yellow]No cookies found[/yellow]")
+        raise typer.Exit(0)
+
+    if output == OutputFormat.json:
+        data = [c.model_dump(mode="json", exclude_none=True) for c in cookie_list]
+        print(json.dumps(data, indent=2))
+        return
+
+    if output == OutputFormat.line:
+        for cookie in cookie_list:
+            print(f"{cookie.domain} {cookie.name} {cookie.value}")
+        return
+
+    if output == OutputFormat.short:
+        table = Table(title=f"Cookies ({len(cookie_list)} found)")
+        table.add_column("Domain", style="cyan")
+        table.add_column("Name", style="green")
+        table.add_column("Value", style="white", max_width=50, overflow="ellipsis")
+
+        for cookie in cookie_list:
+            value_display = (
+                cookie.value[:47] + "..." if len(cookie.value) > 50 else cookie.value
+            )
+            table.add_row(cookie.domain, cookie.name, value_display)
+
+        console.print(table)
+        return
+
+    table = Table(title=f"Cookies ({len(cookie_list)} found)")
+    table.add_column("Domain", style="cyan")
+    table.add_column("Name", style="green")
+    table.add_column("Value", style="white", max_width=40, overflow="ellipsis")
+    table.add_column("Expires", style="dim")
+    table.add_column("Flags", style="yellow")
+
+    for cookie in cookie_list:
+        value_display = (
+            cookie.value[:37] + "..." if len(cookie.value) > 40 else cookie.value
+        )
+        expires_display = (
+            cookie.expires.strftime("%Y-%m-%d") if cookie.expires else "session"
+        )
+
+        flags = []
+        if cookie.is_secure:
+            flags.append("Secure")
+        if cookie.is_httponly:
+            flags.append("HttpOnly")
+        if cookie.same_site:
+            flags.append(f"SameSite={cookie.same_site}")
+        flags_display = ", ".join(flags) if flags else "-"
+
+        table.add_row(
+            cookie.domain, cookie.name, value_display, expires_display, flags_display
+        )
+
+    console.print(table)
+
+
+@app.command()
+def profiles(
+    browser: Browser | None = typer.Option(
+        None, "--browser", "-b", help="Filter by browser"
+    ),
+) -> None:
+    """List available browser profiles."""
+    profile_list = []
+
+    if browser is None or browser == Browser.chrome:
+        profile_list.extend(chrome.list_profiles())
+
+    if browser is None or browser == Browser.safari:
+        profile_list.extend(safari.list_profiles())
+
+    if not profile_list:
+        console.print("[yellow]No profiles found[/yellow]")
+        raise typer.Exit(0)
+
+    title = (
+        "Browser Profiles" if browser is None else f"{browser.value.title()} Profiles"
+    )
+    table = Table(title=title)
+    table.add_column("Browser", style="cyan")
+    table.add_column("Profile Name", style="green")
+    table.add_column("Path", style="dim")
+
+    for p in profile_list:
+        table.add_row(p.browser.title(), p.profile_name, p.path)
+
+    console.print(table)
+
+
+def main() -> None:
+    app()

cookietuner-0.1.1/src/cookietuner/models.py

@@ -0,0 +1,44 @@
+# ABOUTME: Pydantic models for cookie data structures
+# ABOUTME: Defines Cookie and browser profile configuration
+
+from datetime import datetime, timezone
+
+from pydantic import BaseModel, computed_field
+
+
+class Cookie(BaseModel):
+    """Represents a browser cookie with all attributes."""
+
+    domain: str
+    name: str
+    value: str
+    path: str
+    expires: datetime | None = None
+    is_secure: bool = False
+    is_httponly: bool = False
+    same_site: str | None = None
+
+    @computed_field
+    @property
+    def is_expired(self) -> bool:
+        """Returns True if the cookie has expired."""
+        if self.expires is None:
+            return False  # Session cookies don't expire
+        now = datetime.now(timezone.utc)
+        expires = (
+            self.expires
+            if self.expires.tzinfo
+            else self.expires.replace(tzinfo=timezone.utc)
+        )
+        return expires < now
+
+    def __str__(self) -> str:
+        return f"{self.name}={self.value}"
+
+
+class BrowserProfile(BaseModel):
+    """Represents a browser profile location."""
+
+    browser: str
+    profile_name: str
+    path: str

cookietuner-0.1.1/src/cookietuner/safari.py

@@ -0,0 +1,197 @@
+# ABOUTME: Safari cookie extraction for macOS
+# ABOUTME: Parses the .binarycookies format used by Safari
+
+import struct
+from datetime import datetime, timedelta, timezone
+from pathlib import Path
+
+from .models import BrowserProfile, Cookie
+
+# Sandboxed Safari (modern macOS) stores cookies here
+SAFARI_COOKIES_PATH_SANDBOXED = (
+    Path.home()
+    / "Library/Containers/com.apple.Safari/Data/Library/Cookies/Cookies.binarycookies"
+)
+# Legacy location for older macOS versions
+SAFARI_COOKIES_PATH_LEGACY = Path.home() / "Library/Cookies/Cookies.binarycookies"
+
+# Safari uses Mac absolute time (seconds since Jan 1, 2001)
+MAC_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)
+
+# SameSite is encoded in bits 3-5 of the flags field
+# https://gist.github.com/creachadair/ba843bd92c2cfc78dc5e1a53b44775a3
+SAME_SITE_MAP: dict[int, str | None] = {
+    0: None,  # unspecified
+    4: "none",  # 0b100
+    5: "lax",  # 0b101
+    7: "strict",  # 0b111
+}
+
+
+def _get_cookies_path() -> Path | None:
+    """Returns the path to Safari's cookies file, or None if not found."""
+    for path in [SAFARI_COOKIES_PATH_SANDBOXED, SAFARI_COOKIES_PATH_LEGACY]:
+        if path.exists():
+            return path
+    return None
+
+
+def list_profiles() -> list[BrowserProfile]:
+    """Safari only has one profile."""
+    cookies_path = _get_cookies_path()
+    if cookies_path is None:
+        return []
+    return [
+        BrowserProfile(
+            browser="safari",
+            profile_name="Default",
+            path=str(cookies_path),
+        )
+    ]
+
+
+def _mac_time_to_datetime(mac_time: float) -> datetime | None:
+    """Converts Mac absolute time to datetime."""
+    if mac_time == 0:
+        return None
+    try:
+        return MAC_EPOCH + timedelta(seconds=mac_time)
+    except (ValueError, OverflowError):
+        return None
+
+
+def _read_cstring(data: bytes, offset: int) -> str:
+    """Reads a null-terminated C string from data."""
+    end = data.index(b"\x00", offset)
+    return data[offset:end].decode("utf-8", errors="replace")
+
+
+def _parse_cookie(data: bytes) -> Cookie | None:
+    """Parses a single cookie from binary data."""
+    try:
+        # Cookie structure:
+        # 4 bytes: cookie size
+        # 4 bytes: unknown
+        # 4 bytes: flags
+        # 4 bytes: unknown
+        # 4 bytes: domain offset
+        # 4 bytes: name offset
+        # 4 bytes: path offset
+        # 4 bytes: value offset
+        # 8 bytes: end of cookie
+        # 8 bytes: expiration date (double)
+        # 8 bytes: creation date (double)
+
+        if len(data) < 48:
+            return None
+
+        flags = struct.unpack("<I", data[8:12])[0]
+        domain_offset = struct.unpack("<I", data[16:20])[0]
+        name_offset = struct.unpack("<I", data[20:24])[0]
+        path_offset = struct.unpack("<I", data[24:28])[0]
+        value_offset = struct.unpack("<I", data[28:32])[0]
+        expiration = struct.unpack("<d", data[40:48])[0]
+
+        domain = _read_cstring(data, domain_offset)
+        name = _read_cstring(data, name_offset)
+        path = _read_cstring(data, path_offset)
+        value = _read_cstring(data, value_offset)
+
+        is_secure = bool(flags & 0x1)
+        is_httponly = bool(flags & 0x4)
+        same_site_bits = (flags >> 3) & 0x7
+        same_site = SAME_SITE_MAP.get(same_site_bits)
+
+        return Cookie(
+            domain=domain,
+            name=name,
+            value=value,
+            path=path,
+            expires=_mac_time_to_datetime(expiration),
+            is_secure=is_secure,
+            is_httponly=is_httponly,
+            same_site=same_site,
+        )
+    except Exception:
+        return None
+
+
+def get_cookies(
+    domain: str | None = None,
+    profile: str = "Default",  # Safari only has one profile, ignored
+) -> list[Cookie]:
+    """
+    Reads cookies from Safari's binarycookies file.
+
+    Args:
+        domain: If specified, only return cookies matching this domain.
+        profile: Ignored for Safari (only one profile).
+
+    Returns:
+        List of Cookie objects.
+    """
+    cookies_path = _get_cookies_path()
+    if cookies_path is None:
+        return []
+
+    with open(cookies_path, "rb") as f:
+        data = f.read()
+
+    cookies: list[Cookie] = []
+
+    # File format:
+    # 4 bytes: magic "cook"
+    # 4 bytes: number of pages (big endian)
+    # 4 bytes * num_pages: page sizes (big endian)
+    # pages follow...
+
+    if len(data) < 8 or data[:4] != b"cook":
+        return cookies
+
+    num_pages = struct.unpack(">I", data[4:8])[0]
+    page_sizes = []
+
+    offset = 8
+    for _ in range(num_pages):
+        page_sizes.append(struct.unpack(">I", data[offset : offset + 4])[0])
+        offset += 4
+
+    # Parse each page
+    for page_size in page_sizes:
+        page_data = data[offset : offset + page_size]
+        offset += page_size
+
+        if len(page_data) < 8:
+            continue
+
+        # Page header:
+        # 4 bytes: page header (0x00000100)
+        # 4 bytes: number of cookies in page
+        # 4 bytes * num_cookies: cookie offsets
+
+        num_cookies = struct.unpack("<I", page_data[4:8])[0]
+        cookie_offsets = []
+
+        page_offset = 8
+        for _ in range(num_cookies):
+            cookie_offsets.append(
+                struct.unpack("<I", page_data[page_offset : page_offset + 4])[0]
+            )
+            page_offset += 4
+
+        # Parse each cookie
+        for i, cookie_offset in enumerate(cookie_offsets):
+            # Determine cookie size
+            if i + 1 < len(cookie_offsets):
+                cookie_size = cookie_offsets[i + 1] - cookie_offset
+            else:
+                cookie_size = page_size - cookie_offset
+
+            cookie_data = page_data[cookie_offset : cookie_offset + cookie_size]
+            cookie = _parse_cookie(cookie_data)
+
+            if cookie:
+                if domain is None or domain.lower() in cookie.domain.lower():
+                    cookies.append(cookie)
+
+    return cookies