Forensic Examiners
Extract browser artifacts from suspect machines during forensic investigations. Read-only analysis preserves evidence integrity. CSV export feeds directly into forensic reports and case documentation.
Free Download
Sherlock Forensics Browser Viewer
Extract history, bookmarks, downloads and extensions from 8 browsers. Auto-detects all profiles. Forensically sound. Built by CISSP, ISSAP, ISSMP certified examiners.
Sherlock Forensics Browser Viewer is a free Windows desktop tool that extracts browsing history, bookmarks, downloads and extensions from Chrome, Edge, Firefox, Brave, Opera, Opera GX, Vivaldi and Tor. It auto-detects every profile, copies databases to a temp file for read-only analysis and works while browsers are open. The Forensic Edition at $29 USD adds CSV export of any filtered tab.
f49caa1f0d75da47c0d16b4f0b929fa18427c6bbe68bbc9309897ce5320a9c0d
How to verify:
1. Open PowerShell (right-click Start menu, click Terminal)
2. Run: Get-FileHash .\sherlock-browser-viewer.exe
3. Compare the output with the hash above. If they match, the file has not been tampered with.
Compatibility
Supported Browsers
Chrome
Edge
Firefox
Brave
Opera
Opera GX
Vivaldi
Tor
Auto-detects every installed browser and all profiles on the system.
Extraction
Artifacts Extracted
Complete browsing history from all detected browsers and profiles.
- URLs
- Full URL of every visited page
- Page Titles
- Title of each visited page as recorded by the browser
- Visit Counts
- Number of times each URL was visited
- Timestamps
- Date and time of each visit in local and UTC format
All saved bookmarks with full folder hierarchy.
- Bookmark URL
- The saved URL
- Bookmark Title
- User-assigned or page-default title
- Folder Path
- Full folder path showing bookmark organization (e.g. Bookmarks Bar > Work > Projects)
- Date Added
- When the bookmark was created
Download records from all browsers.
- Source URL
- The URL the file was downloaded from
- Target Path
- Local file path where the download was saved
- File Size
- Size of the downloaded file in bytes
- Download State
- Whether the download completed, was interrupted or was cancelled
Installed browser extensions and add-ons.
- Extension Name
- Display name of the installed extension
- Version
- Currently installed version number
- Enabled State
- Whether the extension is active or disabled
- Install Date
- When the extension was first installed
Compare
Free vs Forensic Edition
| Feature | Free | Forensic Edition ($29) |
|---|---|---|
| View all browser data | Yes | Yes |
| Search across all browsers | Yes | Yes |
| Filter by date, URL, keyword | Yes | Yes |
| Sort any column | Yes | Yes |
| Auto-detect all profiles | Yes | Yes |
| Read-only forensic analysis | Yes | Yes |
| Works while browser is open | Yes | Yes |
| CSV export of any filtered tab | No | Yes |
Pricing
One-Time Payment. Yours Forever.
Forensic Edition
$29 USD
Single machine license. No subscription. One-time payment. Yours forever.
- All free features included
- CSV export of any filtered tab
- Export history, bookmarks, downloads or extensions
- Filter then export for targeted results
- 30-day money-back guarantee
5+ machines? Contact us for volume pricing.
Use Cases
Who Uses Sherlock Forensics Browser Viewer
HR Investigations
Review employee browsing activity on corporate workstations during workplace investigations. Filter by date range or keyword. Export filtered results for HR documentation without involving IT.
Incident Response
During security incidents, extract browser history to identify malicious downloads, phishing URLs and compromised credentials. Works on live systems without disrupting the user session. See our incident response services for full investigation support.
Legal Discovery
Collect browser evidence for civil and criminal proceedings. Pairs with our expert witness services for testimony support. CSV exports provide structured data for legal review platforms.
Parental Monitoring
Review browsing history across all browsers installed on a family computer. See every profile, every browser. Free edition provides full visibility without any purchase required.
Guide
How to Extract Browser History
- Install Sherlock Forensics Browser ViewerDownload the free installer from this page. 5.9 MB. SHA256 verified for integrity. No admin privileges required.
- Scan Computer for BrowsersLaunch the tool and click Scan. It auto-detects every installed browser and all profiles. Databases are copied to a temp file for read-only analysis. Works while browsers are open.
- Filter ResultsBrowse history, bookmarks, downloads and extensions across all detected browsers. Use search, sort and filter to isolate relevant artifacts by date, URL, keyword or browser.
- Export to CSVWith the Forensic Edition ($29 USD), export any filtered tab to CSV for inclusion in forensic reports, legal filings or incident response documentation.
Questions
Browser Viewer FAQ
What browsers does Sherlock Forensics Browser Viewer support?
Sherlock Forensics Browser Viewer supports Chrome, Edge, Firefox, Brave, Opera, Opera GX, Vivaldi and Tor. It auto-detects every installed browser and all profiles on the system.
Does it work while the browser is open?
Yes. Sherlock Forensics Browser Viewer copies browser databases to a temporary file before reading them. This means it works while browsers are running and never locks or interferes with active browser sessions.
Is the analysis read-only and forensically sound?
Yes. The tool copies browser databases to a temp location and reads only from the copy. The original browser data files are never modified. This preserves forensic integrity and ensures the source evidence remains unaltered.
What artifacts does it extract?
Four artifact categories: History (URLs, page titles, visit counts, timestamps), Bookmarks (with full folder path), Downloads (source URL, target path, file size, download state) and Extensions (name, version, enabled state, install date).
Does it extract cookies or saved passwords?
Not yet. The current version focuses on history, bookmarks, downloads and extensions. Cookie and password extraction may be added in a future release.
Does my data stay local?
Yes. Sherlock Forensics Browser Viewer runs entirely on your local machine. No browser data is transmitted to any server. All analysis happens locally on your workstation.
What is the difference between Free and Forensic Edition?
The Free edition lets you view, search, filter and sort all browser data from all detected browsers and profiles. The Forensic Edition at $29 USD adds CSV export of any filtered tab for inclusion in reports, legal filings or documentation.
Does it support Tor Browser?
Yes. Sherlock Forensics Browser Viewer detects and extracts artifacts from Tor Browser installations. This includes browsing history, bookmarks, downloads and extensions stored locally by the Tor Browser.
Get Started
Download Sherlock Forensics Browser Viewer Today
Free for viewing, searching, filtering and sorting browser data from 8 browsers. Forensic Edition at $29 USD for CSV export. Built by the same team that delivers expert witness testimony and forensic investigations in Canadian courts. See also: forensic tool suite, chain of custody software and private investigator forensic tools.
Since 2006CISSP, ISSAP, ISSMP certified604.229.1994
Sherlock Forensics Browser Viewer is provided for lawful use. Terms of Service