fatcousin
home

drop multiple forensic artifact files · unified timeline · merge evtx registry prefetch lnk browser history mft · correlate events · export · runs locally

load artifacts
Drop files or folders
EVTX · registry hives · SCCA prefetch · LNK · Chrome History / Firefox places.sqlite · MFT CSV · generic CSV
binary + CSV parsing runs in a dedicated worker. Browser SQLite uses sql.js here. Nothing is uploaded.
status
drop EVTX · registry hives · prefetch · LNK · Chrome/Firefox sqlite · MFT CSV · binary/CSV parsed off-thread
merged 0 events
ready