Forensic Toolkit
Provides a secure, AI-ready local server for digital forensics, enabling automated investigation with precision and safety.
About
The Forensic Toolkit is a secure, AI-enabled local server designed for comprehensive digital forensics investigations. Built with the Model Context Protocol (MCP), it exposes semantically meaningful tools for analyzing system logs, verifying file integrity, and generating audit-grade forensic reports. This toolkit empowers both human analysts and large language models (LLMs) to perform automated investigations with enhanced precision and security.
Key Features
- Conducts recursive integrity scanning with directory hashing
- Correlates file modifications with relevant log events
- Extracts file metadata and generates SHA-256 hashes
- Performs structured log triage using keyword-based scanning
- Ensures secure access control via a sandboxed environment with `SAFE_BASE`
- Generates human-readable forensic reports for analysis
Use Cases
- Generating detailed forensic reports that combine file metadata, hashes, and correlated log data
- Investigating potential file tampering by correlating file changes with system log entries
- Triaging system logs for specific keywords (e.g., 'error', security events) and summarizing findings