fatcousin
// industry vertical

forensic platform case exports

Nuix · EnCase · Autopsy · Volatility · Paladin · AXIOM Cyber · Sleuth Kit · AD1 · BlackLight/Macquisition native case/database exports — parse suite artifacts + merge custodian/hash overlap across platforms.

tools
12
priority
H
processing
local · in browser

start here · primary tools

ordered. work top-down. the first tool is the suggested entry point for this vertical.

  1. nuix workstation case export forensic analyzerdrop nuix case xml/csv export · parse custodian + processing + metadata fields · runs locally
  2. encase ex01 evidence file forensic analyzerdrop encase ex01/e01 segment export · parse header + volume + compression map · runs locally
  3. autopsy case database forensic analyzerdrop autopsy case sqlite + report bundle · parse ingest modules + tagged results · runs locally
  4. forensic platform case correlation merge tooldrop 2+ suite case exports · correlate custodian + hash overlap graph · runs locally
  5. case report generatorfill in case number · examiner · dates · findings · drop evidence files for auto hash · generates structured forensic report PDF · runs locally

also useful · secondary tools

cross-cutting tools that surface depending on the specific investigation.

  1. volatility memory dump metadata forensic analyzerdrop volatility json/text plugin output · parse process + dll + network artifacts · runs locally
  2. paladin forensic suite export forensic analyzerdrop paladin case export · parse mounted images + tool run log · runs locally
  3. axiom cyber cloud artifact export analyzerdrop magnet axiom cyber cloud export · parse oauth tokens + sync artifacts · runs locally
  4. sleuth kit filesystem artifact timeline extractordrop tsk fls/ils csv export · parse inode timeline + deleted entries · runs locally
  5. ad1 logical evidence file forensic analyzerdrop accessdata ad1 logical export · parse segment table + file entries · runs locally
  6. blacklight macquisition image forensic analyzerdrop macquisition aff/image metadata export · parse acquisition log + hashes · runs locally
  7. evidence manifest generatordrop evidence files · compute md5 sha1 sha256 · chain of custody manifest · case number · analyst · export pdf and csv · runs locally

want deeper platform coverage?

this vertical is intentionally sparse — deep-moat coverage grows over time. tracked in the forensics rollout.

ready