digital-forensics-labs/mobile-pii-discovery-agent

mirror of https://github.com/frankwxu/mobile-pii-discovery-agent.git synced 2026-02-20 13:40:41 +00:00

Go to file

Frank Xu efd042b0e0 update RQs

2026-02-18 16:22:33 -05:00

model_PII_results

add other model results

2026-02-11 22:13:22 -05:00

update RQs

2026-02-18 16:22:33 -05:00

fix config

2026-01-22 17:47:28 -05:00

.env

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

.gitignore

rename databases

2026-01-18 17:50:47 -05:00

config.yaml

refactor code. mainly organize files into folders

2026-02-01 21:39:56 -05:00

LICENSE

Initial commit

2025-12-26 13:19:54 -05:00

my_run_config.py

refactor code. mainly organize files into folders

2026-02-01 21:39:56 -05:00

PII_Discovery.ipynb

refactor code. mainly organize files into folders

2026-02-01 21:39:56 -05:00

readme.md

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

sql_utils.py

fix sql alias

2026-02-10 21:26:35 -05:00

readme.md

LLM-Guided SQL Evidence Extraction

This project implements a lightweight LLM-assisted pipeline for discovering and extracting evidentiary artifacts from SQLite databases commonly found in mobile device extractions.

The system separates discovery and extraction to reduce search space, avoid hallucinated SQL, and preserve explainability.

Features

LLM-guided SQL planning with deterministic execution
Discovery to extraction workflow
Fixed evidence types: EMAIL, PHONE, USERNAME, PERSON_NAME
Safe SQLite execution with REGEXP support
UNION / UNION ALL–aware column extraction
Transparent, inspectable state machine

Setup

pip install langchain langgraph python-dotenv