digital-forensics-labs/mobile-pii-discovery-agent

mirror of https://github.com/frankwxu/mobile-pii-discovery-agent.git synced 2026-04-10 12:13:44 +00:00

Go to file

Frank Xu abb92e0369 fix sql_utils rows to text function

2026-01-18 17:10:53 -05:00

add dbs

2026-01-03 17:46:09 -05:00

.env

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

.gitignore

Ignore specific database files with embedded secrets

2026-01-03 17:44:02 -05:00

agent_evidence_discovery_fix.ipynb

fix sql_utils rows to text function

2026-01-18 17:10:53 -05:00

agent_evidence_discovery.ipynb

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

agent_evidence_many_tables.ipynb

lose phone regularexpression

2025-12-27 15:35:10 -05:00

LICENSE

Initial commit

2025-12-26 13:19:54 -05:00

readme.md

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

sql_utils.py

fix sql_utils rows to text function

2026-01-18 16:15:10 -05:00

user4.db

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

readme.md

LLM-Guided SQL Evidence Extraction

This project implements a lightweight LLM-assisted pipeline for discovering and extracting evidentiary artifacts from SQLite databases commonly found in mobile device extractions.

The system separates discovery and extraction to reduce search space, avoid hallucinated SQL, and preserve explainability.

Features

LLM-guided SQL planning with deterministic execution
Discovery to extraction workflow
Fixed evidence types: EMAIL, PHONE, USERNAME, PERSON_NAME
Safe SQLite execution with REGEXP support
UNION / UNION ALL–aware column extraction
Transparent, inspectable state machine

Setup

pip install langchain langgraph python-dotenv