Metadata-Version: 2.4
Name: metaforge-forensics
Version: 1.0.0
Summary: Digital Forensics CLI Tool — Metadata, Steganography, OSINT & Section 65B PDF Reports
Home-page: https://github.com/tanishsareen/metaforge
Author: Tanish Sareen
Author-email: sareentanishq0@gmail.com
License: MIT
Project-URL: Bug Tracker, https://github.com/tanishsareen/metaforge/issues
Project-URL: Documentation, https://github.com/tanishsareen/metaforge#readme
Keywords: forensics,digital-forensics,steganography,osint,metadata,exif,section-65b,evidence,kali-linux,cybersecurity,hashing,pdf-report,encryption-detection
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: POSIX :: Linux
Classifier: Environment :: Console
Classifier: Topic :: Security
Classifier: Topic :: Utilities
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: Legal Industry
Classifier: Intended Audience :: Science/Research
Classifier: Natural Language :: English
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: click>=8.0
Requires-Dist: rich>=12.0
Requires-Dist: Pillow>=9.0
Requires-Dist: python-magic>=0.4
Requires-Dist: mutagen>=1.45
Requires-Dist: exifread>=3.0
Requires-Dist: reportlab>=3.6
Requires-Dist: numpy>=1.21
Requires-Dist: geopy>=2.4.1
Requires-Dist: PyPDF2>=3.0.1
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: keywords
Dynamic: license
Dynamic: license-file
Dynamic: project-url
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

# MetaForge 🔍

> **Digital Forensics CLI Tool** — Metadata Extraction · Steganography Detection · SHA/MD5 Hashing · Section 65B PDF Reports

[![Python](https://img.shields.io/badge/Python-3.8%2B-blue?logo=python)](https://python.org)
[![License](https://img.shields.io/badge/License-MIT-green)](LICENSE)
[![Platform](https://img.shields.io/badge/Platform-Linux%20%7C%20Kali-red?logo=linux)](https://kali.org)
[![Author](https://img.shields.io/badge/Author-Tanish%20Sareen-navy)](https://github.com/tanishsareen)

---

## What is MetaForge?

MetaForge is a Python CLI tool built for digital forensics analysts, cybersecurity professionals, and Indian law enforcement. It performs:

- **Metadata Extraction** — EXIF, GPS, file timestamps, MIME type from images, audio, and video
- **Cryptographic Hashing** — MD5, SHA-1, SHA-256 computation and verification
- **Steganography Detection** — LSB entropy analysis, Chi-square statistical test, appended data detection, embedded string extraction
- **Section 65B Reports** — Generates PDF forensic reports compliant with Section 65B of the Indian Evidence Act, 1872 — a legal requirement for submitting electronic evidence in Indian courts

---

## Installation

### From PyPI (recommended)
```bash
pip install metaforge
```

### From source
```bash
git clone https://github.com/tanishsareen/metaforge.git
cd metaforge
pip install -r requirements.txt
pip install -e .
```

### Kali Linux
```bash
sudo apt install metaforge
```

---

## Usage

### Full forensic scan (recommended)
```bash
metaforge scan evidence.jpg \
  --case "FIR-2026-001" \
  --examiner "Tanish Sareen" \
  --desc "Forensic analysis of photographic evidence"
```

### Metadata only
```bash
metaforge meta photo.jpg
metaforge meta audio.mp3 --json
```

### Steganography analysis
```bash
metaforge steg suspicious_image.png
```

### Hash computation & verification
```bash
metaforge hash evidence.jpg
metaforge hash evidence.jpg --verify abc123... --algo sha256
```

---

## Example Output

```
  __  __      _        _____
 |  \/  | ___| |_ __ _|  ___|__  _ __ __ _  ___
 | |\/| |/ _ \ __/ _` | |_ / _ \| '__/ _` |/ _ \
 | |  | |  __/ || (_| |  _| (_) | | | (_| |  __/
 |_|  |_|\___|\__\__,_|_|  \___/|_|  \__, |\___|
                                       |___/
  Digital Forensics CLI Tool  v1.0.0
  Author: Tanish Sareen  |  Section 65B Report Generation

────────────── Forensic Scan Started ──────────────
Target: evidence.jpg

╭──────────────────────────────────────────╮
│           CLEAN                          │
│       Steganography Verdict              │
╰──────────────────────────────────────────╯
✔ Report saved: evidence_metaforge_report.pdf
```

---

## Section 65B Compliance

Section 65B of the **Indian Evidence Act, 1872** mandates that electronic records submitted as evidence must be accompanied by a certificate verifying:

- The computer was in regular use during the relevant period
- The electronic record was produced in the ordinary course of activities
- The computer was functioning properly
- The information in the record is derived from the computer's activities

MetaForge generates this certificate automatically in every PDF report.

---

## Architecture

```
metaforge/
├── __init__.py        # Version, author metadata
├── extractor.py       # Metadata extraction engine (EXIF, AV, file info)
├── steg_detector.py   # Steganography detection (LSB, chi-square, appended data)
├── reporter.py        # Section 65B PDF report generator (ReportLab)
└── cli.py             # Click-based CLI interface
```

---

## Steganography Detection Methods

| Method | Description |
|--------|-------------|
| **LSB Entropy Analysis** | Measures entropy of least significant bits per RGB channel. Near-1.0 entropy indicates possible LSB embedding |
| **Chi-Square Test** | Statistical test on pixel value pair frequencies. Equalised pairs suggest LSB steganography |
| **Appended Data Detection** | Checks for bytes after JPEG `FFD9` / PNG `IEND` EOF markers |
| **String Extraction** | Extracts printable ASCII strings from binary content (like Unix `strings`) |

---

## Requirements

- Python 3.8+
- Linux (Kali, Ubuntu, Debian)
- Dependencies: `click`, `rich`, `Pillow`, `python-magic`, `mutagen`, `exifread`, `reportlab`, `numpy`

---

## Author

**Tanish Sareen**
- BCA (Cyber Security & Forensics), CT University, Punjab
- Member, Institutional Innovation Cell (IIC)
- GitHub: [@tanishsareen](https://github.com/tanishsareen)

---

## License

MIT License — see [LICENSE](LICENSE)

---

## Contributing

Pull requests are welcome. For major changes, open an issue first.

---

*Built for Indian law enforcement and cybersecurity professionals. Submitted to IIC YUKTI Innovation 2025.*
