Open Source
Investigate AI tools.
Collect the evidence.
AI-Forensicator is a macOS forensic analysis tool that collects artifacts from AI applications — Claude, ChatGPT, Cursor, and major browsers. Purpose-built for incident response teams and AI auditing workflows.
Capabilities
Built for forensic rigor
Every design decision prioritizes evidence integrity, analyst safety, and reproducibility.
Read-Only Collection
Non-destructive artifact collection preserves original evidence integrity. No writes to source locations.
Credential Redaction
Automatically detects and redacts API keys, tokens, and secrets from collected artifacts before export.
Interactive Terminal UI
Rich terminal interface with selectable collectors, real-time progress, and formatted results display.
Extensible Collectors
Plugin architecture makes it simple to add new AI application collectors as the landscape evolves.
Multiple Export Formats
Export collected evidence as structured JSON, human-readable text reports, or compressed archives.
Chronological Timeline
Automatically reconstructs a timeline of AI tool usage across all collected applications and sessions.
Compatibility
Supported applications
Collectors for the most widely used AI tools and browsers on macOS.
Get Started
Up and running in minutes
Clone the repository, install dependencies, and start collecting.
# Clone the repository
$ git clone https://github.com/ACandeias/ai-forensicator.git
$ cd ai-forensicator
# Install dependencies
$ pip install -r requirements.txt
# Run the collector
$ python ai_forensicator.pyOpen Source
Contribute or get started
AI-Forensicator is MIT licensed and open to contributions. Report issues, submit collectors, or use it in your next investigation.