Skip to content

northloopforensics/Fetch

Repository files navigation

A tool to help investigators convert raw data into actionable maps.

Version 3 is here!

Try out the web-app at https://northloopconsulting.com/products

alt text

Here is how it works:

As the tool opens you may generate a geo-fence by drawing shapes on the provided map to collect coordinates. Simply close the shape you are drawing to see the latitude and longitude for each point you create.

alt text

OR You can provide a data set and generate your own maps.

alt text

If the input file is correctly configured you will see a preview map. If not, the collapsable Manage Ingested Data window allows you to select the number of header lines to remove, filter for specific time frames, and average/consolidate points for a time interval (ex. 1 point every 5 minutes). The input file MUST contain columns labeled "Latitude" and "Longitude".

alt text

Analysis Maps include points, heat map, and cell site options.

alt text

Each of these analysis options may prompt you for additional information before data will populate.

Remove map layers to access new helpful views.

alt text

KML Map labels are assigned by selecting a column. Descriptions can be assigned to each location to provide additional information about that point. The data in that column will appear with map points on Google Earth.After making the appropriate selections for your data set, hit the Generate KML button.

The below image is Google Earth output.

alt text

KML and HTML maps can be downloaded for later use.

alt text

The below image is an I.P. address query result using ipinfo.io on the Geofence page.

alt text

Additional support for mapping IP addresses has been added in "IP Address Mapping" allowing batch IP address searches. The best part is you don't have to weed through e-mail headers or large data sets to find the IP addresses. Fetch will locate IP addresses and remove local addresses like 10.0.0.1 or 127.0.0.1 to query the geographic area for public facing IPs. Add your own relevant location to perhaps indicate where a victim received an email.

alt text

Thanks to Jonathan Todd for contributions on GPX support!