TriageVault

TriageVault is a desktop + web app that helps incident responders and small forensic teams quickly collect, hash, and triage endpoint artifacts into a defensible case package. It focuses on the messy middle: turning ad-hoc IR notes, volatile data grabs, and scattered logs into a clean timeline and exportable evidence bundle with chain-of-custody. The desktop agent performs targeted acquisition (browser history, event logs, prefetch, autoruns, key directories, and an optional memory snapshot) and computes hashes locally; the web console manages cases, permissions, and standardized reporting. An AI assistant is included, but constrained: it summarizes findings, suggests next collection steps, and drafts a report while always linking claims to specific artifacts. It’s built for speed and repeatability, not deep lab-grade analysis, because most small shops never get that far under time pressure.
