Skip to content
/ discord_cache_parser Public
forked from jwdfir/discord_cache_parser

A digital forensics toolset for analyzing Discord's local cache artifacts. Designed for DFIR practitioners to quickly triage compromised hosts, recover deleted content, and generate portable forensic reports.

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

pentestpartners/discord_cache_parser

BranchesTags
 
 

Repository files navigation

🕵️‍♂️ Discord Forensic Suite

Python Platform Status Release

A digital forensics and incident response (DFIR) tool for extracting, analyzing, and reporting on Discord cache artifacts. Built by jwdfir to help investigators quickly triage compromised systems, recover deleted files, and reconstruct attacker timelines.

✨ Features

  • 🔍 Deep Cache Analysis: Parse for:
    • Attachments, images, thumbnails
    • Webhook URLs & API calls
    • Recon and exfil files
  • 📑 HTML / CSV Reports: Auto-generate forensic reports with SHA256 hashes and timestamps.
  • 📦 Evidence Package Mode: Bundle artifacts, a manifest, and the HTML report into a portable ZIP.
  • 🖥️ GUI & CLI: Choose between a command-line parser or a full GUI application.
  • 🔒 Investigator-Friendly: Simple, self-contained tool. No Discord API keys or elevated privileges needed.

📸 Screenshots

GUI
image
CLI
image
Sample HTML Report
image
Sample CSV Timeline
image
Sample CSV Report
image

About

A digital forensics toolset for analyzing Discord's local cache artifacts. Designed for DFIR practitioners to quickly triage compromised hosts, recover deleted content, and generate portable forensic reports.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%