// artifact family

cloud, social & logs

27 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.

tools: 27
catalog slugs: 27
processing: local · in browser

tools in this family

ordered as in the forensics catalog. every tool runs locally — no upload, no account.

  1. docker image inspector: drop a docker save .tar · parse layers · manifest · config · view file changes per layer · detect secrets in history · show build commands · runs locally
  2. docker image analyzer: drop a docker image tar · layer structure · filesystem changes · sensitive files · build history · runs locally
  3. kubernetes config security analyzer: paste or drop Kubernetes YAML · scan for privileged containers · hostPID · missing limits · writable hostPath · NodePort exposure · RBAC issues · runs locally
  4. aws cloudtrail analyzer: drop cloudtrail json logs · api timeline · iam changes · security events · errors · runs locally
  5. kubernetes audit log analyzer: drop k8s audit logs · api timeline · rbac · pods · secrets · failures · runs locally
  6. google takeout parser: drop a Google Takeout ZIP · parse location history · YouTube watch history · search activity · Chrome history · activity logs · export CSV · runs locally
  7. discord chat parser: drop a Discord data package ZIP · browse servers · channels · message history · attachments · reactions · export CSV · runs locally
  8. slack export analyzer: drop a Slack workspace export ZIP · browse channels · users · messages · DMs · file sharing activity · timeline · export CSV · runs locally
  9. whatsapp chat parser: drop a WhatsApp _chat.txt export · parse participants · messages · media references · timeline · word frequency · export CSV · runs locally
  10. telegram export parser: drop a Telegram Desktop results.json export · browse chats · groups · channels · media · forwarded messages · export CSV · runs locally
  11. instagram data export parser: drop Instagram data export ZIP · parse messages · followers · following · posts · stories · liked content · search history · export CSV · runs locally
  12. facebook data export parser: drop Facebook data export ZIP · parse messages · friends · posts · ads · location · search history · devices · export CSV · runs locally
  13. nginx / apache log analyzer: drop access.log · parse combined log format · top IPs · paths · status codes · user agents · detect scanning · brute force · 404 storms · runs locally
  14. auth log analyzer: drop Linux auth.log · Windows Security EVTX CSV · parse failed logins · SSH attempts · sudo events · successful auth · flag brute force IPs · export · runs locally
  15. log correlation engine: drop multiple log files (nginx · auth · app) · auto-detect formats · merge by timestamp · cross-reference IPs across sources · unified timeline · export · runs locally
  16. access pattern analyzer: drop nginx · apache · auth.log · or browser history logs · detect request spikes · rare endpoints · off-hours access · anomaly scoring · export CSV · runs locally
  17. bash history analyzer: drop .bash_history or .zsh_history · parse commands · timestamps · frequency analysis · detect suspicious commands · sudo usage · network activity · runs locally
  18. cron job analyzer: drop crontab files or paste cron entries · parse schedule expressions · detect persistence · suspicious commands · network callbacks · export CSV · runs locally
  19. o365 audit log parser: unified audit log json · timeline · suspicious · users · ips · mailbox · inbox rules · csv export · runs locally
  20. okta log analyzer: okta system log json · timeline · suspicious · mfa fatigue · tor/proxy · users · ips · policy · csv export · runs locally
  21. github audit log parser: json or jsonl audit export · action actor org repo · repo org hook oauth protected branch secret scanning · suspicious flags · export csv · runs locally
  22. git repository forensic analyzer: drop a .git directory or git bundle file · extract full commit history · recover deleted commits via reflog · stash contents · author metadata · file change history · detect secret leaks in history · runs locally
  23. docker forensic artifact analyzer: drop docker daemon logs · container inspect json exports · image history · volume listings · network configurations · reconstruct container lifecycle · detect suspicious containers · data exfiltration via volumes · runs locally
  24. google takeout archive forensic parser: drop google takeout zip or individual takeout json csv html files · parse account activity across all google services · reconstruct location history search history youtube watch history gmail metadata and drive activity · surface forensic timeline across all google products · runs locally
  25. slack export forensic analyzer: drop slack workspace export zip or individual channel json files · parse all messages files and users · reconstruct conversation threads · surface file sharing deleted message indicators and user activity patterns · runs locally
  26. zoom meeting artifact extractor: drop zoom meeting logs csv chat txt recording vtt transcript or account activity csv · parse meeting metadata participant lists chat messages and recording artifacts · reconstruct meeting timeline and participant activity · runs locally
  27. microsoft teams export forensic analyzer: drop teams export zip or eDiscovery teams json export · parse messages channels and user activity · reconstruct conversation threads and meeting records · surface file sharing deleted messages and guest access events · runs locally