digital-forensics-labs/mobile-pii-discovery-agent

mirror of https://github.com/frankwxu/mobile-pii-discovery-agent.git synced 2026-02-20 13:40:41 +00:00

Go to file

Frank Xu 7a41a766ff add postal address to config

2026-01-27 17:47:42 -05:00

add postal address to config

2026-01-27 13:40:09 -05:00

batch_results_01

update both results

2026-01-23 20:27:18 -05:00

batch_results_02

add postal address to config

2026-01-26 22:29:05 -05:00

add postal address to config

2026-01-26 22:29:05 -05:00

fix config

2026-01-22 17:47:28 -05:00

add postal address to config

2026-01-27 17:47:42 -05:00

.env

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

.gitignore

rename databases

2026-01-18 17:50:47 -05:00

config.yaml

add postal address to config

2026-01-27 13:40:09 -05:00

LICENSE

Initial commit

2025-12-26 13:19:54 -05:00

my_run_config.py

add postal address to config

2026-01-27 13:40:09 -05:00

PII_Discovery.ipynb

add postal address to config

2026-01-27 13:40:09 -05:00

readme.md

Initial commit: PII Discovery Agent for Mobile Databases

2025-12-26 13:28:44 -05:00

sql_utils.py

add postal address to config

2026-01-27 13:40:09 -05:00

readme.md

LLM-Guided SQL Evidence Extraction

This project implements a lightweight LLM-assisted pipeline for discovering and extracting evidentiary artifacts from SQLite databases commonly found in mobile device extractions.

The system separates discovery and extraction to reduce search space, avoid hallucinated SQL, and preserve explainability.

Features

LLM-guided SQL planning with deterministic execution
Discovery to extraction workflow
Fixed evidence types: EMAIL, PHONE, USERNAME, PERSON_NAME
Safe SQLite execution with REGEXP support
UNION / UNION ALL–aware column extraction
Transparent, inspectable state machine

Setup

pip install langchain langgraph python-dotenv