fatcousin
// artifact family

hardware / tpm / hsm / side-channel

39 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.

tools
39
catalog slugs
39
processing
local · in browser

tools in this family

ordered as in the forensics catalog. every tool runs locally — no upload, no account.

  1. tpm 2 0 measurement log pcr replay forensic analyzerdrop tpm 2.0 measurement log · replay pcr extends + verify final values · runs locally
  2. tpm 2 0 event log forensic analyzerdrop tpm 2.0 event log · parse measured events + attestation claims · runs locally
  3. tpm 1 2 pcr replay forensic analyzerdrop legacy tpm 1.2 measurement log · replay pcrs · runs locally
  4. uefi secure boot violation deep forensic analyzerdrop uefi secure boot variables + boot log · analyze violation vectors · runs locally
  5. intel sgx quote verification forensic analyzerdrop intel sgx quote · verify against ias + parse claims · runs locally
  6. intel tdx attestation quote forensic analyzerdrop intel tdx quote · verify + parse · runs locally
  7. amd sev attestation report forensic analyzerdrop amd sev attestation report · verify + parse · runs locally
  8. amd sev snp attestation report forensic analyzerdrop amd sev-snp attestation report · verify + parse · runs locally
  9. arm trustzone artifact forensic extractordrop arm trustzone artifact dump · parse secure-world artifacts · runs locally
  10. apple secure enclave artifact forensic extractordrop ios secure enclave artifact dump · parse · runs locally
  11. apple t2 security chip artifact forensic extractordrop mac t2 chip artifact dump · parse · runs locally
  12. windows vbs hvci attestation forensic analyzerdrop windows vbs / hvci attestation · parse claims · runs locally
  13. android keystore attestation cert chain forensic analyzerdrop android keystore attestation cert chain · parse + verify · runs locally
  14. android play integrity attestation forensic analyzerdrop play integrity attestation · parse claims · runs locally
  15. ios devicecheck app attestation forensic analyzerdrop ios devicecheck attestation · parse claims · runs locally
  16. hsm thales audit log forensic analyzerdrop thales luna hsm audit log · parse key + user events · runs locally
  17. hsm entrust audit log forensic analyzerdrop entrust nshield hsm audit log · runs locally
  18. hsm utimaco audit log forensic analyzerdrop utimaco cryptoserver audit log · runs locally
  19. hsm aws cloudhsm audit log forensic analyzerdrop aws cloudhsm audit log · parse key + user events · runs locally
  20. hsm azure dedicated hsm audit log forensic analyzerdrop azure dedicated hsm audit log · runs locally
  21. hsm gcp cloud hsm audit log forensic analyzerdrop gcp cloud hsm audit log · runs locally
  22. hsm yubihsm audit log forensic analyzerdrop yubihsm audit log · runs locally
  23. smart card apdu trace forensic analyzerdrop smart card apdu trace · parse command + response chain · runs locally
  24. piv cac card artifact forensic extractordrop piv / cac card artifact dump · parse credentials + certs · runs locally
  25. fido2 passkey attestation deep forensic analyzerdrop fido2 attestation statement (packed/tpm/android-key/apple) · parse aaguid + extensions · runs locally
  26. jtag capture forensic analyzerdrop jtag capture · parse cpu register + memory state · runs locally
  27. glitch attack residue forensic detectordrop firmware dump · detect voltage / clock glitch attack residue · runs locally
  28. side channel power trace forensic analyzerdrop power trace capture · parse for cryptographic key recovery patterns · runs locally
  29. hardware trojan binary pattern detectordrop firmware binary · detect known hardware trojan signatures · runs locally
  30. counterfeit ic die marking forensic analyzerdrop ic die / package photo · detect counterfeit indicators · runs locally
  31. bus pirate flashrom capture forensic analyzerdrop spi / i2c bus capture · parse messages · runs locally
  32. chip off emmc rpmb replay protected memory block forensic extractordrop emmc rpmb dump · parse counters + signatures · runs locally
  33. boot rom extraction forensic analyzerdrop boot rom extraction · parse rom contents · runs locally
  34. uefi firmware volume deep analyzerdrop uefi firmware volume dump · parse modules + ffs files · runs locally
  35. opal tcg self encrypting drive forensic analyzerdrop opal-compliant sed metadata · parse band config + lock state · runs locally
  36. bitlocker recovery key vs system state validatordrop bitlocker recovery package + system state · validate key chain · runs locally
  37. filevault 2 recovery key vs system state validatordrop filevault recovery key + system state · validate · runs locally
  38. luks keyslot forensic analyzerdrop luks header · parse keyslots + iterations · runs locally
  39. veracrypt volume header forensic analyzerdrop veracrypt header + hidden volume layout · analyze · runs locally
ready