fatcousin
// case type

romance scam

dating-app introduction → emotional manipulation → money request. evidence is profile screenshots, message archives, payment trails.

tools
13
priority
M
processing
local · in browser

start here · primary tools

ordered. work top-down. the first tool is the suggested entry point for this case type.

  1. ios dating app artifact forensic extractor (Tinder, Bumble, Hinge)drop iOS dating app database files (Tinder, Bumble, or Hinge) · auto-detect app · parse match records, messages, and profile metadata · surface match timestamps, screenshot alerts, and own location from account plist · detect confirmed real-world meetings (Hinge We Met) · runs locally
  2. iOS WhatsApp artifact forensic extractordrop iOS WhatsApp ChatStorage.sqlite and Contacts.sqlite · parse all chats, messages, groups, and media references · reconstruct conversation timelines with delivery status · surface location shares, contact cards, and deleted message placeholders · runs locally
  3. android whatsapp database forensic analyzerdrop an Android WhatsApp msgstore.db · parse all messages, chats, groups, and media metadata · reconstruct conversation timelines · surface message delivery status, forwarding metadata, location shares, and contact cards · detect deleted message gaps · runs locally
  4. ios telegram artifact forensic extractordrop cache4.db or account db · parse chats messages channels · forwarding edits tombstones · disappearing timers · mid gap analysis · runs locally
  5. android telegram database forensic extractordrop Android Telegram database files · parse messages, chats, channels, and contacts · extract forwarding metadata, edit timestamps, and media references · surface disappearing message timer settings · detect deleted message ROWID gaps · reconstruct Telegram communication timeline · runs locally
  6. ios cash app artifact forensic extractordrop iOS Cash App database files from the app container · parse transaction records, payment notes, and account artifacts · surface payment amounts, counterparty Cashtags, and timestamps · detect suspicious payment patterns and structured transactions · runs locally
  7. ios venmo artifact forensic extractordrop iOS Venmo database files from the app container · parse payment records and transaction notes · surface audience settings (public/friends/private) · surface social feed likes and comments on transactions · reconstruct Venmo financial and social activity timeline · runs locally
  8. ai generated image provenance analyzerpng tEXt chunk inventory · sd metadata · stripped metadata flag · provenance csv · runs locally

also useful · secondary tools

supporting and follow-up tools. surface as the investigation widens.

  1. ios screenshot burst forensic analyzerdrop photos.sqlite · screenshot detection · burst clustering · rapid capture flags · runs locally
  2. ios photos database forensic analyzerdrop photos.sqlite · metadata including deleted · location · hidden photos · creation timeline · runs locally
  3. url redirect chain tracerpaste shortened URLs · trace full redirect chain via proxy · detect malicious redirects · show final destination · flag suspicious hops · runs locally
  4. domain reputation analyzerpaste domains or IPs · score by entropy · TLD risk · homoglyph detection · DGA patterns · punycode abuse · age heuristics · no external lookup · runs locally
  5. case report generatorfill in case number · examiner · dates · findings · drop evidence files for auto hash · generates structured forensic report PDF · runs locally
// case-kit pipeline

run as a stack

skip the click-through. these presets are curated forensic pipelines you can save as a stack with one click and run on your evidence locally.

  • romance scam — recon kit

    8 steps

    drop dating-app + chat exports → AI image check → IOC extract → crypto tx graph → wallet cluster → report

    1. 01evidence-manifest-generatorhash chat exports + screenshots before analysis
    2. 02ios-dating-app-artifact-forensic-extractorextract dating-app artifacts from iOS backup / export data
    3. 03ios-whatsapp-artifact-forensic-extractorparse WhatsApp message archives from iOS exports
    4. 04ai-generated-image-provenance-analyzercheck if profile photos are AI-generated — common in romance scams
    5. 05ioc-extractorpull URLs, domains, and contact identifiers from message bodies
    6. 06crypto-tx-graphbuild a transaction graph from any wallet addresses found
    7. 07bitcoin-address-clusteringcluster bitcoin addresses for exchange-of-record pivots
    8. 08case-report-generatordraft a victim-loss report with the payment trail + scammer identifiers
// pattern-matched

related tools

tools that the manifest-classifier flagged as plausibly useful here but that aren't in the hand-curated lists above. less editorial weight — scan, don't work top-down.

ready