containerd runtime state forensic analyzer — free browser tool | fatcousin

drop containerd state dir + log · parse container lifecycle events · timeline + findings · runs locally

input

drop containerd state + log

containerd.log · metadata json · snapshot listings · metadata.db export · multiple files

Select file

flags pause container tampering · snapshot deletes · exec / nsenter events · privileged runtime · exec bursts

limits

heuristic screener · metadata.db is string-scanned not sqlite-decoded · format varies by distro/version · parses artifacts locally · not definitive proof

status

>ready