// artifact family
network detection & response forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- darktrace model breach export forensic analyzerdrop darktrace breach export · parse model + device + score · runs locally
- vectra ai detect export forensic analyzerdrop vectra detect export · parse host + detection + certainty · runs locally
- extrahop revealx export forensic analyzerdrop extrahop revealx export · parse device + protocol + risk · runs locally
- corelight network security export forensic analyzerdrop corelight export · parse conn + dns + http meta · runs locally
- gigamon metadata export forensic analyzerdrop gigamon metadata export · parse flow + app + tunnel · runs locally
- ndr east west traffic anomaly detectordrop ndr flow export · detect east-west traffic anomalies · runs locally
- ndr c2 beaconing pattern detectordrop ndr session export · detect c2 beaconing intervals · runs locally
- ndr data exfiltration volume detectordrop ndr flow export · detect outbound data exfil bursts · runs locally
- multi ndr threat timeline correlatordrop 2+ ndr exports · unified network threat timeline graph · runs locally
- cross ndr edr incident correlatordrop ndr + edr exports · correlate network alert to host incident · runs locally