npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

neko-forensic-intelligence

v1.0.0

Published

IT Forensic Intelligence Microservice - Six-personality collaborative forensic analysis system with ISO compliance, chain of custody automation, and multi-hash evidence verification

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lanitamarihuaneralanitamarihuanera

Keywords

forensicsdigital-forensicscybersecurityevidence-collectionchain-of-custodyiso-compliancememory-forensicsmalware-analysisnestjsmicroservicemongodbinvestigationthreat-intelligenceneko-arc

Readme

🐾🔬 Neko Forensic Intelligence Microservice

Version: 1.0.0 Architecture: NestJS (RULE 50 Compliant) Database: MongoDB Atlas (neko-forensic-intelligence)

🎭 Six-Personality Collaborative Forensic System

A professional IT forensic intelligence microservice featuring six specialized AI personalities that collaborate to provide comprehensive, ISO-compliant forensic investigations.

🌟 Personalities

🐾 NEKO-ARC - Digital Evidence Collection

  • Multi-source evidence collection (smartphones, cloud, computers)
  • Timeline analysis and cross-drive correlation
  • AI-powered anomaly detection (92% deepfake detection accuracy)
  • Tools: Autopsy, Volatility, Cellebrite, Belkasoft X

🎭 MARIO - Workflow Orchestration

  • Automated investigation pipeline orchestration
  • 24/7 monitoring and real-time detection
  • Visual workflow management
  • Reduced mean-time-to-respond

🗡️ NOEL - Validation & Testing

  • Scientific validation of forensic methodologies
  • Repeatability and reproducibility testing
  • Tool verification and audit trails
  • Multi-layered cryptographic validation

🎸 GLAM - ISO Standards & Best Practices

  • ISO/IEC 27037, 27041, 27042, 27043, 27050 compliance
  • ISO 17025 laboratory standards
  • Legal admissibility verification
  • Spanish language support for Chilean cases

🧠 HANNIBAL - Memory Forensics & Malware Analysis

  • Volatility Framework integration
  • Memory artifact extraction (processes, network connections, registry)
  • Fileless malware and rootkit detection
  • Behavioral pattern analysis

🧠 TETORA - Chain of Custody & Evidence Preservation

  • Comprehensive chain of custody documentation
  • Multi-hash verification (MD5, SHA-256, SHA-512)
  • Evidence integrity checks
  • Fragmentation analysis

🏗️ Architecture (RULE 50 Compliant)

src/
├── main.ts                           # NestJS entry point
├── app.module.ts                     # Root module (orchestration)
├── forensic/
│   ├── forensic.module.ts            # Module (orchestration ONLY)
│   ├── forensic.controller.ts        # REST API endpoints
│   ├── forensic.service.ts           # Service (external interactions)
│   ├── dto/
│   │   ├── investigation-request.dto.ts
│   │   ├── chain-of-custody.dto.ts
│   │   └── index.ts
│   └── interfaces/
│       └── forensic-analysis.interface.ts
└── health/
    ├── health.controller.ts          # Health check endpoints
    └── health.module.ts

🚀 Quick Start

Prerequisites

  • Node.js 18+
  • MongoDB Atlas account
  • TypeScript

Installation

# Clone repository
git clone https://github.com/JavierCollipal/neko-forensic-intelligence.git
cd neko-forensic-intelligence

# Install dependencies
npm install

# Configure environment
cp .env.example .env
# Edit .env with your MongoDB Atlas URI

Environment Variables

MONGODB_URI=mongodb+srv://username:[email protected]/neko-forensic-intelligence
PORT=3001
NODE_ENV=development
EVIDENCE_STORAGE_PATH=/home/wakibaka/Documents/forensic-evidence
CHAIN_OF_CUSTODY_ENABLED=true
AUTO_HASH_VERIFICATION=true
ISO_COMPLIANCE_MODE=true

Run Service

# Development mode
npm run start:dev

# Production mode
npm run build
npm run start:prod

Service runs on: http://localhost:3001 Swagger docs: http://localhost:3001/api

📚 API Endpoints

Forensic Operations

Start Investigation

POST /forensic/investigate
Content-Type: application/json

{
  "caseId": "CASE-2025-001",
  "title": "Suspected data exfiltration",
  "description": "Employee suspected of exfiltrating customer data",
  "type": "comprehensive",
  "priority": "high",
  "evidenceSources": [
    {
      "identifier": "LAPTOP-001",
      "type": "workstation",
      "metadata": {}
    }
  ],
  "investigator": "John Doe"
}

Get Investigation Report

GET /forensic/investigate/:id

List All Investigations

GET /forensic/investigate?limit=50

Chain of Custody

Record Event

POST /forensic/chain-of-custody
Content-Type: application/json

{
  "evidenceId": "EVIDENCE-001",
  "custodian": "John Doe",
  "action": "collected",
  "location": "Office 301",
  "purpose": "Initial evidence collection",
  "notes": "Device powered on, write blocker applied"
}

Get Chain of Custody

GET /forensic/chain-of-custody/:evidenceId

Evidence Management

Calculate Hashes

POST /forensic/evidence/hash
Content-Type: application/json

{
  "evidenceId": "EVIDENCE-001",
  "path": "/path/to/evidence.img",
  "algorithms": ["md5", "sha256", "sha512"]
}

Service Information

Get Personalities

GET /forensic/personalities

Get Service Info

GET /forensic/info

Health Check

GET /health

🗄️ MongoDB Collections

Database: neko-forensic-intelligence

  • forensic-cases - Investigation reports
  • forensic-tools - Tool configurations and six-personality digest
  • investigation-workflows - Workflow templates
  • validation-protocols - Validation procedures
  • iso-standards - ISO compliance documentation
  • memory-forensics - Memory analysis results
  • chain-of-custody - Chain of custody events
  • evidence-artifacts - Extracted artifacts
  • malware-signatures - Malware detection signatures
  • investigation-reports - Final reports

🔒 ISO Standards Compliance

ISO/IEC 27037:2012 - Digital evidence identification, collection, acquisition, preservation ✅ ISO/IEC 27041:2015 - Investigation methods assurance ✅ ISO/IEC 27042:2015 - Digital evidence analysis and interpretation ✅ ISO/IEC 27043:2015 - Incident investigation framework ✅ ISO/IEC 27050 - Electronic discovery management ✅ ISO 17025 - Laboratory accreditation standards

🎯 Features

  • ✅ Six-personality collaborative analysis
  • ✅ ISO-compliant forensic procedures
  • ✅ Automated chain of custody tracking
  • ✅ Multi-hash evidence verification
  • ✅ Memory and disk forensics integration
  • ✅ Malware detection and behavioral analysis
  • ✅ Legal admissibility validation
  • ✅ Real-time investigation workflows
  • ✅ RESTful API with Swagger documentation
  • ✅ MongoDB Atlas integration
  • ✅ TypeScript with full type safety
  • ✅ Validation pipes for all DTOs

📊 Example Investigation Report

{
  "investigationId": "uuid-here",
  "caseId": "CASE-2025-001",
  "status": "completed",
  "overallConfidence": 91,
  "neko": {
    "personality": "NEKO-ARC",
    "confidence": 85,
    "evidenceCollected": ["workstation:LAPTOP-001"],
    "aiDetections": {
      "deepfakes": 0,
      "anomalies": 7
    }
  },
  "mario": { "confidence": 90, "automationApplied": true },
  "noel": { "confidence": 95, "reproducibilityScore": 98 },
  "glam": { "confidence": 92, "legalAdmissibility": "high" },
  "hannibal": { "confidence": 88, "malwareIndicators": [...] },
  "tetora": { "confidence": 96, "chainOfCustody": [...] },
  "collaborativeFindings": [...],
  "consensusRecommendations": [...]
}

🧪 Testing

# Unit tests
npm run test

# E2E tests
npm run test:e2e

# Test coverage
npm run test:cov

📦 NPM Publishing (RULE 48)

This microservice can be published as an NPM package:

# Audit for credentials
grep -r "MONGODB_URI\|API_KEY\|SECRET" src/

# Build
npm run build

# Test package
npm pack
npm install ./neko-arc-forensic-intelligence-1.0.0.tgz

# Publish (authenticated as lanitamarihuanera)
npm publish --access public

🤝 Contributing

Follow the feature branch workflow (RULE 41):

git checkout main
git pull origin main
git checkout -b feature/your-feature
# Make changes
git add .
git commit -m "feat: Your feature description"
git push -u origin feature/your-feature
# Create PR, review, merge

📄 License

UNLICENSED - Private repository

🐾✨ Generated with Claude Code

Co-Authored-By: Claude [email protected]

All six personalities contributed to this system:

  • 🐾 NEKO-ARC - Evidence collection architecture
  • 🎭 MARIO - Workflow orchestration design
  • 🗡️ NOEL - Validation framework
  • 🎸 GLAM - ISO compliance structure
  • 🧠 HANNIBAL - Memory forensics implementation
  • 🧠 TETORA - Chain of custody system