Mulder brings containerized MCP server to digital forensics
Mulder is a containerized MCP server built by calebevans that exposes forensic tools like Volatility, Sleuthkit, and Plaso as typed tool calls, with an audit log, validated evidence citations, and SQLite-backed context management for AI-driven investigations.
Forensic investigators and security practitioners can drop Mulder into an existing workflow by mounting a read-only evidence directory, immediately gaining an auditable, citation-enforced AI agent that runs Volatility, Sleuthkit, and other tools without manual context management.
Calebevans built Mulder for the SANS "FIND EVIL!" hackathon as an experiment in applying agentic AI to digital forensics. The project is an MCP server that exposes well-known forensic tools — including Volatility, Sleuthkit, and Plaso — as typed tool calls that an AI agent can invoke programmatically. Every invocation is written to an append-only audit log, providing a traceable record of the agent's actions throughout an investigation.
A key design feature is the evidence validation system: when an agent submits a "finding" to the case database, it must supply citations pointing to real tool executions or evidence. If the cited evidence or tool output does not exist, the finding is automatically dropped. This prevents the agent from hallucinating conclusions unsupported by actual forensic data.
The other major engineering challenge was context window pressure. Forensic investigations generate large volumes of noisy output that can quickly exhaust an LLM's context window. Mulder addresses this by storing all tool output in a per-case SQLite database with full-text search, allowing the agent to query and retrieve specific segments as needed rather than loading everything at once.

The project ships as a self-contained container bundling all forensic binaries, symbol tables, YARA rules, MITRE ATT&CK data, and Claude Code pre-configured. Users mount a read-only evidence directory, start the container, and instruct Claude to begin an investigation.

Calebevans tested Mulder against two publicly available test scenarios and reports strong results relative to known ground truth, with example outputs published in the repository.
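The two mechanisms described above, citation-validated findings and SQLite-backed tool output with full-text search, can be modelled in a few dozen lines. The following is an added example written for this article, not Mulder's own code: the table layout, the `CaseStore` class, the `finding_rejected` audit entry and the sample `windows.pslist` output are all constructed assumptions. It stores each tool run as an append-only audit row plus its output body, lets the agent pull only the lines that match a search term, and drops any finding whose citations do not resolve to a real tool execution.

```python
"""Model of an audited, citation-enforced forensic case store (added example,
not Mulder's code). Table names, tool names and sample output are constructed."""
import hashlib
import json
import sqlite3
import time


class CaseStore:
    """One SQLite database per case: audit log, tool output, accepted findings."""

    def __init__(self, path=":memory:"):
        self.db = sqlite3.connect(path)
        self.db.executescript("""
            CREATE TABLE IF NOT EXISTS audit (
                id INTEGER PRIMARY KEY, ts REAL NOT NULL, kind TEXT NOT NULL,
                tool TEXT NOT NULL, args TEXT NOT NULL, output_sha256 TEXT NOT NULL);
            CREATE TABLE IF NOT EXISTS tool_output (
                exec_id INTEGER PRIMARY KEY REFERENCES audit(id), body TEXT NOT NULL);
            CREATE TABLE IF NOT EXISTS findings (
                id INTEGER PRIMARY KEY, summary TEXT NOT NULL, citations TEXT NOT NULL);
            -- Append-only: triggers abort any UPDATE or DELETE on the audit log.
            CREATE TRIGGER IF NOT EXISTS audit_no_update BEFORE UPDATE ON audit
                BEGIN SELECT RAISE(ABORT, 'audit log is append-only'); END;
            CREATE TRIGGER IF NOT EXISTS audit_no_delete BEFORE DELETE ON audit
                BEGIN SELECT RAISE(ABORT, 'audit log is append-only'); END;
        """)
        # Full-text index when this SQLite build has FTS5; otherwise LIKE fallback.
        try:
            self.db.execute("CREATE VIRTUAL TABLE IF NOT EXISTS output_fts "
                            "USING fts5(exec_id UNINDEXED, body)")
            self.fts = True
        except sqlite3.OperationalError:
            self.fts = False

    def _audit(self, kind, tool, args, digest=""):
        cur = self.db.execute(
            "INSERT INTO audit(ts, kind, tool, args, output_sha256) VALUES (?,?,?,?,?)",
            (time.time(), kind, tool, json.dumps(args, sort_keys=True), digest))
        return cur.lastrowid

    def record_tool_run(self, tool, args, output):
        """Append an audit entry (with a hash of the output) and store the body."""
        digest = hashlib.sha256(output.encode()).hexdigest()
        exec_id = self._audit("tool", tool, args, digest)
        self.db.execute("INSERT INTO tool_output(exec_id, body) VALUES (?, ?)",
                        (exec_id, output))
        if self.fts:
            self.db.execute("INSERT INTO output_fts(exec_id, body) VALUES (?, ?)",
                            (exec_id, output))
        self.db.commit()
        return exec_id

    def search(self, term, limit=20):
        """Return (exec_id, line) pairs mentioning term: a slice, not the whole dump."""
        if self.fts:  # quote the term so punctuation is not parsed as FTS5 syntax
            rows = self.db.execute("SELECT exec_id, body FROM output_fts WHERE "
                                   "output_fts MATCH ?",
                                   ('"' + term.replace('"', '""') + '"',)).fetchall()
        else:
            rows = self.db.execute("SELECT exec_id, body FROM tool_output WHERE body "
                                   "LIKE ?", (f"%{term}%",)).fetchall()
        hits = [(eid, line) for eid, body in rows
                for line in body.splitlines() if term.lower() in line.lower()]
        return hits[:limit]

    def submit_finding(self, summary, citations):
        """Keep a finding only if every citation is a real tool execution id;
        otherwise drop it and leave a 'finding_rejected' row in the audit log."""
        missing = [c for c in citations if self.db.execute(
            "SELECT 1 FROM audit WHERE id = ? AND kind = 'tool'", (c,)).fetchone() is None]
        if not citations or missing:
            self._audit("finding_rejected", "submit_finding",
                        {"summary": summary, "missing": missing})
            self.db.commit()
            return None
        cur = self.db.execute("INSERT INTO findings(summary, citations) VALUES (?, ?)",
                              (summary, json.dumps(citations)))
        self.db.commit()
        return cur.lastrowid

    def audit_is_append_only(self):
        """True if the trigger blocks deletion of existing audit rows."""
        try:
            self.db.execute("DELETE FROM audit")
            self.db.rollback()
            return False
        except sqlite3.DatabaseError:
            self.db.rollback()
            return True


def demo():
    case = CaseStore()
    # Constructed sample output in the shape of a process listing; not real tool output.
    pslist = ("PID   PPID  ImageFileName\n4     0     System\n"
              "612   4     smss.exe\n3344  612   mimikatz.exe\n")
    e1 = case.record_tool_run("volatility", {"plugin": "windows.pslist"}, pslist)
    accepted = case.submit_finding("Suspicious process mimikatz.exe (PID 3344)", [e1])
    rejected = case.submit_finding("Lateral movement via PsExec", [e1, 999])  # 999 never ran
    return {"exec_id": e1, "hits": case.search("mimikatz"), "accepted": accepted,
            "rejected": rejected, "append_only": case.audit_is_append_only(),
            "audit_kinds": [k for (k,) in case.db.execute(
                "SELECT kind FROM audit ORDER BY id")]}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The rejection path is deliberately recorded in the same audit log as tool runs, so an investigator can later see not only what the agent concluded but also what it tried to conclude without evidence; the `kind = 'tool'` check stops a rejection row from itself being cited as evidence.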
Key facts
- Mulder is an MCP server that exposes forensic tools — Volatility, Sleuthkit, and Plaso — as typed tool calls for AI agents.
- Built by calebevans for the SANS "FIND EVIL!" hackathon.
- Every tool invocation is recorded in an append-only audit log.
- Agent findings must include validated evidence citations; findings citing non-existent evidence or tool executions are automatically dropped.
- All tool output is stored in a per-case SQLite database with full-text search to manage context window pressure.
- Ships as a container pre-configured with forensic binaries, symbol tables, YARA rules, MITRE ATT&CK data, and Claude Code.