fatcousin
// artifact family

case-type investigation kits

53 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.

tools
53
catalog slugs
53
processing
local · in browser

tools in this family

ordered as in the forensics catalog. every tool runs locally — no upload, no account.

  1. bec business email compromise investigation kitdrop email headers + login telemetry + invoice files + wire records · run full BEC workflow · output IC3-ready package + wire-recall request · runs locally
  2. doxxing victim investigation kitdrop social posts + pii exposure logs + threat messages · build victim safety report · runs locally
  3. ipv domestic abuse tech sweep kitdrop device inventory + account access logs + stalkerware scan · build safety sweep report · runs locally
  4. pig butchering victim case kitdrop chat logs + crypto wallet records + platform screenshots · build victim case package · runs locally
  5. romance scam investigation kitdrop dating app chat + payment records + persona evidence · build romance scam case file · runs locally
  6. sextortion ncii investigation kitdrop extortion messages + payment demands + platform reports · build ncii case package · runs locally
  7. stalkerware victim sweep kit androiddrop android app inventory + permissions + known stalkerware hits · build safety sweep report · runs locally
  8. stalkerware victim sweep kit iosdrop ios profiles + app list + icloud access audit · build safety sweep report · runs locally
  9. swatting call attribution kitdrop 911 call metadata + spoof logs + gaming chat · build swatting attribution report · runs locally
  10. vendor email compromise investigation kitdrop vendor email thread + po/invoice changes + wire records · build vec case package · runs locally
  11. child exploitation case packaging kitdrop device hashes + platform exports · package NCMEC-format submission · NEVER hash against actual CSAM (empty-list capable only) · runs locally
  12. cyberbullying harassment evidence collection kitdrop platform exports + screenshots + screen recordings · build authenticated evidence bundle for school / court · runs locally
  13. divorce digital discovery kitdrop allowed devices + shared accounts · enumerate hidden accounts + crypto + offshore platforms within stipulation · runs locally
  14. human trafficking online investigation kitdrop platform listings + payment trails + cross-platform identifier · build entity graph + flow of funds · runs locally
  15. insider trading communication window kitdrop messaging exports + trade timeline + material-event calendar · correlate communication bursts with trading windows · runs locally
  16. probate estate digital asset recovery kitdrop decedent device + cloud accounts + password manager · enumerate wallets + accounts + recurring subscriptions · runs locally
  17. source code ip theft investigation kitdrop two codebases · run style + block + commit attribution + author-fingerprint cross-comparison · runs locally
  18. trade secret theft investigation kitdrop DLP exports + USB log + email exfil + cloud upload log · build exfil timeline + recipient attribution · runs locally
  19. workplace harassment evidence collection kitdrop slack + teams + email + dm exports across alleged parties · build redacted threaded narrative · runs locally
  20. workplace investigation cross platform correlatordrop hr + slack + email + access log set · correlate physical access + comms + system activity · runs locally
  21. account takeover incident kitdrop authentication log + device fingerprint + email change log · attribute initial access + lateral movement · runs locally
  22. cryptocurrency theft response kitdrop victim wallet + theft txid · trace + label counterparties + clustering + exchange notice · runs locally
  23. cyber physical incident investigation kitdrop OT + IT log set · correlate kinetic event with cyber precursor · runs locally
  24. data breach victim notification readiness kitdrop affected user export · build per-jurisdiction notification + regulator-filing artifact set · runs locally
  25. election integrity precinct audit kitdrop voting machine log + poll book + ENR feed for a precinct · build full audit narrative · runs locally
  26. insurance claim fraud investigation kitdrop claim file + telematics + social media + medical records · cross-source consistency report · runs locally
  27. ransomware incident response orchestration kitdrop encrypted file sample + ransom note + initial-access evidence · run identification + family attribution + payment options dossier · runs locally
  28. ransomware payment trace kitdrop ransom address + payment txid · trace flow + clustering + exchange touchpoint · runs locally
  29. spoliation litigation evidence packagerdrop spoliation indicator output from multiple tools · package investigator-grade spoliation motion exhibit · runs locally
  30. synthetic identity fraud investigation kitdrop application + credit + selfie + utility doc · cross-source synthetic-id detection · runs locally
  31. 30b6 deposition prep evidence binderdrop case evidence set + 30(b)(6) topics · output topic-mapped exhibit binder · runs locally
  32. bec wire recall package generatordrop bec details + wire info · output structured FedFinancial-ready wire recall artifact · runs locally
  33. disability claim social media cross reference kitdrop claim narrative + claimant social posts · flag activity inconsistent with claim · runs locally
  34. initial access broker listing correlatordrop iab marketplace listings · correlate with observed compromise · runs locally
  35. ransom negotiation chat artifact extractordrop tox / qtox / onionshare / xmpp chat from ransom negotiation · parse threat actor messaging · runs locally
  36. revenge porn state statute package generatordrop incident evidence + jurisdiction · output statute-mapped charging package · runs locally
  37. sextortion takedown notice package generatordrop incident evidence · output platform-specific takedown notice templates · runs locally
  38. staged accident telematics detection kitdrop vehicle telematics + claim narrative · detect inconsistencies + scripted-accident patterns · runs locally
  39. suspect device triage kitdrop suspect device backup · run multi-source triage + priority artifact surface · runs locally
  40. victim device triage kitdrop victim device backup · run safety-focused triage (different priorities than suspect) · runs locally
  41. mass victimization cross tenant correlatordrop multiple victim org log sets · correlate shared indicators · runs locally
  42. subject investigation awareness detector kitdrop suspect device + comms · detect counter-investigation behavior pattern · runs locally
  43. flight attempt detection kitdrop suspect device + travel artifacts · detect bookings + visa lookups + crypto exchange withdrawals consistent with flight prep · runs locally
  44. deepfake voice cloning fraud investigation kitdrop call recordings + metadata + payment traces · build voice clone fraud evidence binder · runs locally
  45. nft rug pull victim investigation kitdrop wallet txs + discord/telegram exports + contract artifacts · timeline rug pull narrative · runs locally
  46. medical records breach investigation kitdrop hipaa audit logs + access exports + exfil indicators · breach scope + patient impact report · runs locally
  47. elder abuse financial exploitation kitdrop bank statements + caregiver device exports + power of attorney docs · exploitation pattern report · runs locally
  48. custody child safety device audit kitdrop parent/guardian phone exports + location + messaging · child safety exposure assessment · runs locally
  49. whistleblower retaliation evidence kitdrop hr systems + email + chat exports · retaliation timeline + comparator · runs locally
  50. credential stuffing victim response kitdrop breach combo lists + login logs + password manager exports · account takeover scope report · runs locally
  51. online defamation harassment litigation kitdrop social posts + dm exports + platform takedown logs · defamation evidence package · runs locally
  52. supply chain compromise incident kitdrop vendor audit logs + sbom + build pipeline exports · third-party breach scope binder · runs locally
  53. tenant landlord digital evidence kitdrop lease comms + smart lock logs + payment app exports · tenancy dispute evidence pack · runs locally
ready