nova-livestream-impersonation — Twitch OAuth grant abuse + deepfake stream

what this proves

• every primary engine produces deterministic, fixture-locked output — verified by npm run check:flagship (7/7).
• every output is generated 100% locally in your browser — no upload, no server-side processing of your evidence.
• the full case binder is built from these outputs without uploading a single byte — click below to generate it locally.

primary engines locked to this fixture

• obs-streamlabs-config-forensic-analyzer
• twitch-chat-log-forensic-analyzer
• youtube-gaming-stream-chat-forensic-analyzer
• video-deepfake-analyzer
• ai-synthetic-voice-generation-artifact-analyzer
• google-account-activity-export-forensic-deep-analyzer
• casb-oauth-token-abuse-detector

build the case binder

one click runs all primary engines on the synthetic evidence, assembles findings into a self-contained html binder, and opens it in a new tab. print to pdf from there — still zero upload.

download the synthetic evidence

MIT-licensed, fully synthetic, safe to attach to a PR or send to a reviewer. Compare your local runs against the published goldens.

built deterministically from scripts/fixtures/build-nova-livestream-impersonation.mjs. seed: nova-livestream-impersonation:v1.

methodology

livestream takeovers leave a clear access ladder: OAuth grant → mod elevation → stream key replacement → live session. the OBS config diff timestamps the stream key swap; the Twitch VOD export anchors when the attacker account was elevated to mod; the Google account activity export confirms the OAuth phishing token grant. the deepfake detection and voice-clone analyzer close the synthetic-media loop before platform escalation. read the full livestream impersonation / creator takeover guide →

after the playbook

export findings from each primary engine, then drop every csv/json into fatcousin-multi-tool-super-timeline-correlator. one timeline across OAuth grant, mod elevation, stream key swap, and deepfake stream start — still zero upload.