An all-in-one, browser-based digital forensics toolkit for evidence acquisition, analysis, and court-admissible report generation β following ACPO chain of custody guidelines.
Author: Aswin Mathew
- Hash Calculator β MD5, SHA-1, SHA-256, SHA-512 for files & text
- Hex Viewer β Binary inspection with hex dump + ASCII view
- Metadata Extractor β File properties, EXIF/image data extraction
- File Signature Analyzer β Magic bytes detection for true file type verification
- String Extractor β ASCII string extraction with URL, email & path detection
- Hash Comparator β Evidence integrity verification through hash comparison
- Base64 Codec β Encode/decode Base64 data
- Entropy Analysis β Shannon entropy for encryption/compression detection
- Steganography Detector β LSB analysis, appended data detection, entropy profiling
- Case Management β Full case information setup
- Chain of Custody Log β ACPO-compliant evidence handling records
- Evidence Registry β Central evidence log with hash tracking
- Timeline / Audit Trail β Automatic activity logging for all tools
- Report Generator β Court-admissible HTML/Text forensic reports with signatures
- ACPO Guidelines β Full 4-principle reference with implementation checklist
100% Client-Side Processing β No data leaves your browser. Ever.
- β No server-side processing
- β No file uploads to external services
- β No cookies, tracking, or analytics
- β Works completely offline after first load
- β Safe for handling sensitive investigation data
-
Fork or clone this repository:
git clone https://github.com/yourusername/forensx-lab.git cd forensx-lab -
Push to your GitHub account:
git remote set-url origin https://github.com/yourusername/forensx-lab.git git push -u origin main
-
Enable GitHub Pages:
- Go to your repo β Settings β Pages
- Source: Deploy from a branch
- Branch: main β / (root)
- Click Save
-
Access your live site:
https://yourusername.github.io/forensx-lab/
Just download index.html and open it in any modern browser. That's it β no build tools, no dependencies, no server needed.
| Browser | Status |
|---|---|
| Chrome 90+ | β Full Support |
| Firefox 88+ | β Full Support |
| Edge 90+ | β Full Support |
| Safari 15+ | β Full Support |
| Mobile Chrome/Safari | β Responsive UI |
Requirements: Modern browser with Web Crypto API support (all current browsers).
This tool follows the Association of Chief Police Officers (ACPO) Good Practice Guide for Digital Evidence:
| Principle | Description | How ForensX Implements It |
|---|---|---|
| 1 | No action should change evidence data | All processing is read-only on forensic copies |
| 2 | Accessing original data requires competency | Tool provides guidance and reference materials |
| 3 | Audit trail must be maintained | Automatic timeline logging of all activities |
| 4 | Investigation lead has overall responsibility | Case management with examiner designation |
- Digital Forensic Investigations β Analyze files, verify integrity, document chain of custody
- Incident Response β Quick file triage, hash verification, string extraction
- Cybersecurity Training β Learn forensic methodology with hands-on tools
- Academic Projects β Demonstrate digital forensics concepts
- Evidence Processing β Generate court-admissible documentation
forensx-lab/
βββ index.html # Single-file application (HTML + CSS + JS)
βββ README.md # This file
βββ LICENSE # MIT License
Zero dependencies. Zero build step. One file.
The entire application is contained in a single index.html file using:
- Vanilla JavaScript (no frameworks)
- Web Crypto API for cryptographic hashing
- CSS Grid/Flexbox for responsive layout
- FileReader API for local file processing
Contributions welcome! Ideas for expansion:
- NTFS/FAT filesystem parser
- Registry hive viewer
- Email header analyzer
- Network packet parser (PCAP)
- Memory dump analyzer
- Disk image mounting (dd/E01)
- PDF metadata deep extraction
- EXIF GPS coordinate mapping
- Multi-language support
MIT License β See LICENSE for details.
Aswin Mathew
π aswinmathew.xyz