Skip to content

RenggaSenpaii/forensix

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
forensix
forensix
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
cli.py
cli.py
 
 
setup.py
setup.py
 
 

Repository files navigation

FORENSIX

███████╗ ██████╗ ██████╗ ███████╗███╗   ██╗███████╗██╗██╗  ██╗
██╔════╝██╔═══██╗██╔══██╗██╔════╝████╗  ██║██╔════╝██║╚██╗██╔╝
█████╗  ██║   ██║██████╔╝█████╗  ██╔██╗ ██║███████╗██║ ╚███╔╝
██╔══╝  ██║   ██║██╔══██╗██╔══╝  ██║╚██╗██║╚════██║██║ ██╔██╗
██║     ╚██████╔╝██║  ██║███████╗██║ ╚████║███████║██║██╔╝ ██╗
╚═╝      ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═══╝╚══════╝╚═╝╚═╝  ╚═╝

Forensix is a DFIR-focused browser forensic toolkit built with Python.

The framework is designed to parse browser artifacts such as:

  • Chrome History
  • Downloads
  • Login Data
  • Browser Activity Timeline

Forensix provides clean terminal output and HTML forensic reports for investigation workflows.

Features

  • Chrome History Parser
  • Downloads Artifact Parser
  • Login Data Parser
  • Browser Activity Timeline
  • HTML Timeline Report
  • Rich Terminal UI
  • SQLite Artifact Parsing
  • Modular DFIR Structure

Project Structure

forensix/
│
├── cli.py
├── setup.py
├── requirements.txt
│
├── forensix/
│   ├── core/
│   └── parsers/
│
└── reports/

Installation

Clone Repository

git clone https://github.com/RenggaSenpaii/forensix.git
cd forensix

Create Virtual Environment

python3 -m venv venv

Activate Virtual Environment

Linux

source venv/bin/activate

Install Dependencies

pip install -r requirements.txt

Browser Artifact Acquisition

Chrome / Chromium History

cp ~/.config/chromium/Default/History .

Chrome / Chromium Login Data

cp ~/.config/chromium/Default/"Login Data" .

Usage

Parse Browser History

PYTHONPATH=. python cli.py chrome History

Parse Downloads

PYTHONPATH=. python cli.py downloads History

Parse Login Data

PYTHONPATH=. python cli.py logins "Login Data"

Generate Browser Timeline

PYTHONPATH=. python cli.py timeline History "Login Data"

Generate HTML Timeline Report

PYTHONPATH=. python cli.py timeline History "Login Data" -o timeline.html

Example Output

Timeline View

[HISTORY] https://github.com

[DOWNLOAD] payload.zip

[LOGIN] https://github.com -> admin@gmail.com

HTML Report

Generate forensic investigation reports in HTML format.

firefox timeline.html

Requirements

  • Python 3
  • Rich
  • Typer
  • SQLite3

Legal Disclaimer

This tool is intended for:

  • Digital Forensics
  • DFIR Learning
  • Security Research
  • Authorized Investigations

The author is not responsible for misuse.

Author

Built for DFIR & Security Research.

About

Browser artifact and timeline analysis toolkit for DFIR and digital forensics.

Topics

python sqlite dfir digital-forensics timeline-analysis browser-forensics artifact-analysis

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages