// artifact family
container registry / artifact repository forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- jfrog artifactory access log forensic analyzerdrop artifactory access log export · parse repo + artifact + user action · runs locally
- aws ecr image scan forensic analyzerdrop ecr image scan export · parse finding + severity + image digest · runs locally
- azure container registry audit forensic analyzerdrop acr audit log export · parse repository + operation + caller · runs locally
- gcp artifact registry audit forensic analyzerdrop gcp artifact registry audit export · parse package + version + principal · runs locally
- quay container registry audit forensic analyzerdrop quay audit log export · parse repo + tag + robot account · runs locally
- github container registry audit forensic analyzerdrop ghcr audit export · parse package + actor + download/push · runs locally
- registry image signature verification anomaly detectordrop registry attestation export · detect unsigned/unverified image pushes · runs locally
- registry malicious layer upload detectordrop registry push log export · detect suspicious layer upload bursts · runs locally
- multi registry image provenance correlatordrop 2+ registry audit exports · correlate digest + tag lineage · runs locally
- cross registry tag mutation correlatordrop registry + ci exports · correlate tag moves to build pipeline · runs locally