Parse Windows NTFS USN Journal ($UsnJrnl:$J) files entirely in your browser. Files never leave your machine.
The Update Sequence Number Journal is a change log that NTFS maintains for every file create, delete, rename and metadata modification on a volume. It lives in the alternate data stream \$Extend\$UsnJrnl:$J and is one of the richest sources of timeline evidence in Windows forensics.
Incident response, intrusion timelines, ransomware analysis, insider-threat investigations — any case where you need a record of file activity even after files have been deleted from disk.
Journal files contain artefacts of every action on the volume — sensitive by nature. This tool ships a WebAssembly parser to your machine; the file never reaches our servers, and there is nothing to log.