Leviathan Forensics

Leviathan Forensics turns VS Code into a sharp, practical workspace for binary inspection and incident-response style digging. Open a file, choose a tool, and start pulling useful signals out of the bytes.

It is made for analysts, reverse engineers, CTF players, and curious developers who like their evidence close at hand.

What It Helps You Do

• Inspect files in a hex editor.
• Get fast overviews, hashes, entropy, strings, timestamps, and metadata.
• Hunt for IOCs and interesting patterns.
• Run single searches or multi-searches across binary content.
• Compare files and spot meaningful differences.
• Carve data from larger blobs.
• Explore structures, disassembly, keys, patches, transforms, and case exports.
• Work with formats and views such as PDF, SquashFS, spectrograms, and steganography checks.

Good Moments For Leviathan

• A suspicious attachment needs a first pass.
• Firmware needs a careful look.
• A binary puzzle needs structure, strings, and entropy in one place.
• Two files look similar, but you need to know where they part ways.
• You want forensic tools available from the editor instead of scattered across terminals.

Commands

Leviathan adds a dedicated activity-bar view and a context-menu toolbox for files in the Explorer. Load a binary, pick the analysis view you need, and follow the clues.

The Feel

Purposeful, dense, and a little dramatic in the best way: a proper workbench for byte-level investigation.