markmckinnon

markmckinnon is an independent developer whose forensic utilities focus on turning dense browser and system artefacts into human-readable timelines for incident-response teams, auditors, and private investigators. The portfolio revolves around the open-source “Leapp” family, lightweight parsers that extract, decode, and present log data that normally sits locked inside Chrome profiles or Linux journals. cLeapp concentrates on Chromium-based browsers, unpacking History, Cache, Cookies, Downloads, Extension activity, and encrypted Protobuf sessions so examiners can reconstruct a user’s web footprint without launching the browser itself. Its Linux-oriented siblings, lLeapp CLI and lLeapp GUI, apply the same philosophy to /var/log, systemd-journal, auditd, dpkg, bash_history, and recently-introduced systemd-homed vaults; investigators can run a portable binary against a mounted forensic image and receive CSV, SQLite, or HTML reports that map events to UTC timelines. Typical workflows include malware triage, insider-threat inquiries, compliance spot-checks, or simply cleaning up retired workstations before resale. Because all three tools are command-line driven (with an optional GUI wrapper) they slot neatly into Autopsy, plaso, or custom Python pipelines, yet remain small enough to fit on a USB stick for field work. markmckinnon’s software is available for free on get.nero.com, where downloads are delivered through trusted Windows package sources such as winget, always pull the latest upstream build, and can be installed individually or in batch with a single command.