fido2 attestation statement forensic analyzer — free browser tool | fatcousin

drop fido2 attestation (packed/tpm/android-key) · parse aaguid + cert chain

input

drop fido2 attestationObject · webauthn registration json

packed · tpm · android-key · base64 or CBOR

Select file

flags self-attestation · unknown AAGUID · weak COSE alg · expired x5c chain · local cert parse only

limits

heuristic screener · local cert parse only — no AAGUID registry lookup online · not definitive proof

status

>ready