// artifact family
threat intelligence feed forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- virustotal ioc export forensic analyzerdrop virustotal export · parse hash + detection ratio + tags · runs locally
- urlhaus malware url feed forensic analyzerdrop urlhaus feed export · parse url + threat + status · runs locally
- phishtank phishing feed forensic analyzerdrop phishtank export · parse url + verification + target · runs locally
- abuseipdb report export forensic analyzerdrop abuseipdb export · parse ip + score + category · runs locally
- misp event export forensic analyzerdrop misp event export · parse attribute + galaxy + tag · runs locally
- openphish feed forensic analyzerdrop openphish feed export · parse url + brand + discovery · runs locally
- ioc feed stale indicator detectordrop 2+ ioc feed exports · detect stale/unremoved indicators · runs locally
- ioc hash collision anomaly detectordrop ioc feed export · detect conflicting hash classifications · runs locally
- multi threat feed timeline correlatordrop 2+ threat feed exports · unified ioc timeline graph · runs locally
- cross threat feed incident correlatordrop threat feed + siem exports · correlate ioc to alert hits · runs locally