{"id":30056958,"url":"https://github.com/rtulke/chronika","last_synced_at":"2026-05-06T10:35:20.112Z","repository":{"id":308596549,"uuid":"1033144285","full_name":"rtulke/chronika","owner":"rtulke","description":"Chronika is a forensic analysis tool for reading and visualizing different browser histories in a chronological timeline format. Supports Chrome, Firefox, Safari, Brave, Opera, Edge, Vivaldi, Tor Browser, Chromium, LibreWolf and all browsers on Linux and macOS.","archived":false,"fork":false,"pushed_at":"2025-08-08T13:32:54.000Z","size":56,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-10T04:24:28.523Z","etag":null,"topics":["brave","browser","browser-forensic","browser-forensics","chrome","chromium","edge","firefox","forensic","forensic-analysis","forensics","forensics-tools","historical","historical-data","librewolf","opera","safari","vivaldi"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rtulke.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-06T11:12:58.000Z","updated_at":"2025-08-08T13:32:57.000Z","dependencies_parsed_at":"2025-08-06T20:42:52.409Z","dependency_job_id":"fe79b7fe-0c05-4d0e-999d-f7623bff487d","html_url":"https://github.com/rtulke/chronika","commit_stats":null,"previous_names":["rtulke/chronika"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rtulke/chronika","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rtulke%2Fchronika","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rtulke%2Fchronika/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rtulke%2Fchronika/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rtulke%2Fchronika/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rtulke","download_url":"https://codeload.github.com/rtulke/chronika/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rtulke%2Fchronika/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32689248,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-06T08:33:17.875Z","status":"ssl_error","status_checked_at":"2026-05-06T08:33:17.221Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brave","browser","browser-forensic","browser-forensics","chrome","chromium","edge","firefox","forensic","forensic-analysis","forensics","forensics-tools","historical","historical-data","librewolf","opera","safari","vivaldi"],"created_at":"2025-08-07T23:31:11.131Z","updated_at":"2026-05-06T10:35:20.090Z","avatar_url":"https://github.com/rtulke.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Chronika - Forensic Browser History and Timeline Tool\n\nA comprehensive tool for analyzing browser history across multiple browsers an platforms with advanced filtering, analytics, and export capabilities. Designed for digital forensics, security analysis, and privacy research.\n\n## ✨ Features\n\n### 🌐 Multi-Browser Support\n- **Chrome**: Google Chrome (Chromium-based)\n- **Firefox**: Mozilla Firefox\n- **Safari**: Apple Safari (macOS only)\n- **Brave**: Privacy-focused Chromium browser  \n- **Opera**: Feature-rich browser with built-in VPN\n- **Edge**: Microsoft Edge (Chromium-based)\n- **Vivaldi**: Highly customizable Chromium-based browser\n- **Tor Browser**: Anonymous browsing (Firefox-based)\n- **Chromium**: Open-source base for Chrome/Edge/Brave\n- **LibreWolf**: Privacy-hardened Firefox fork\n\n### 🔍 Advanced Filtering \u0026 Search\n- **Domain Filtering**: Whitelist/blacklist with regex support\n- **Keyword Search**: Search in titles and URLs with regex support\n- **Time Range Filtering**: Precise date/time windows or relative periods\n- **Visit Frequency**: Filter by visit count (frequently vs rarely visited)\n- **Complete Database Search**: Bypass default limits with `--all` and `--no-time-filter`\n- **Browser Selection**: Target specific browsers with `--browsers` or exclude with `--exclude-browsers`\n\n### 📊 Analytics \u0026 Statistics\n- **Comprehensive Statistics**: Total visits, unique domains, browsing patterns\n- **Top Domains Analysis**: Most visited sites by frequency and visit count\n- **Browser Usage Comparison**: Detailed usage breakdown across browsers  \n- **Temporal Patterns**: Browsing patterns by hour, day, weekday, or month\n- **Visit Frequency Analysis**: Distribution of site visit frequencies\n\n### 📤 Professional Export Formats\n- **Timeline Display**: Visual chronological timeline (default)\n- **Data Formats**: JSON, CSV for data analysis\n- **SIEM Integration**: Splunk-compatible logs for security analysis\n- **ELK Stack**: Logstash-compatible JSON for Elasticsearch\n- **Network Analysis**: Gephi-compatible network graphs for visualization\n- **Timeline Tools**: TimelineJS-compatible JSON for external timeline tools\n\n### 🔧 Advanced Features\n- **Debug Mode**: Detailed database analysis and troubleshooting\n- **Privacy Protection**: URL anonymization for safe data sharing\n- **Cross-platform**: Linux and macOS support\n- **Security Conscious**: Read-only access, temporary file handling\n- **Intelligent Filtering**: Automatic database expansion when filters are detected\n\n## 🚀 Quick Start\n\n### Installation\n\n```bash\n# Clone repository\ngit clone https://github.com/user/chronika.git\ncd chronika\n\n# Setup virtual environment\npython3 -m venv browser_history_env\nsource browser_history_env/bin/activate\n\n# Install dependencies\npip install -r requirements.txt\n\n# Make executable\nchmod +x chronika.py\n\n# Test installation\n./chronika.py --help\n```\n\n### Basic Usage\n\n```bash\n# Display timeline of recent browser history\n./chronika.py\n\n# View history from specific browser\n./chronika.py --browsers chrome\n\n# Search for security-related content across all browsers\n./chronika.py --search \"security,hacking,vulnerability\" --all\n\n# Generate comprehensive statistics\n./chronika.py --format stats --days 30\n```\n\n## 📋 Command Line Reference\n\n### Browser Selection\n| Parameter | Description | Example |\n|-----------|-------------|---------|\n| `--browsers` | Select specific browsers | `--browsers chrome,firefox,brave` |\n| `--exclude-browsers` | Exclude specific browsers | `--exclude-browsers safari,tor` |\n\n### Output Formats\n| Parameter | Description | Use Case |\n|-----------|-------------|----------|\n| `--format timeline` | Visual chronological display (default) | General browsing overview |\n| `--format stats` | Comprehensive statistics | Data analysis, reporting |\n| `--format top-domains` | Most visited domains | Site usage analysis |\n| `--format browser-usage` | Browser comparison | Browser preference analysis |\n| `--format patterns` | Temporal browsing patterns | Behavior analysis |\n| `--format json` | Structured data export | Data processing, APIs |\n| `--format csv` | Spreadsheet-compatible export | Excel analysis |\n| `--format splunk` | SIEM-compatible logs | Security monitoring |\n| `--format elk` | Elasticsearch/Logstash format | Log aggregation |\n| `--format gephi` | Network graph format | Relationship visualization |\n| `--format timeline-json` | External timeline tools | Presentation, reporting |\n\n### Time Filtering\n| Parameter | Description | Example |\n|-----------|-------------|---------|\n| `--days N` | Last N days | `--days 30` |\n| `--time-from` | Start time (ISO format) | `--time-from \"2025-06-01T09:00:00\"` |\n| `--time-to` | End time (ISO format) | `--time-to \"2025-06-01T17:00:00\"` |\n| `--no-time-filter` | Search entire database | `--no-time-filter` |\n\n### Content Filtering  \n| Parameter | Description | Example |\n|-----------|-------------|---------|\n| `--search` | Keywords in titles/URLs | `--search \"github,python,security\"` |\n| `--domain-include` | Include only these domains | `--domain-include \"github.com,stackoverflow.com\"` |\n| `--domain-exclude` | Exclude these domains | `--domain-exclude \"facebook.com,ads.google.com\"` |\n| `--min-visits N` | Minimum visit count | `--min-visits 5` |\n| `--max-visits N` | Maximum visit count | `--max-visits 50` |\n| `--regex` | Enable regex in filters | `--regex --domain-include \".*\\.edu\"` |\n\n### Database \u0026 Display Options\n| Parameter | Description | Use Case |\n|-----------|-------------|----------|\n| `--all` | Search entire database | Finding rare/old entries |\n| `--limit N` | Limit displayed results | `--limit 500` |\n| `--debug` | Enable debug output | Troubleshooting, analysis |\n| `--output FILE` | Specify output filename | `--output analysis.json` |\n| `--anonymize` | Anonymize URLs for privacy | Safe data sharing |\n\n### Analytics Options\n| Parameter | Description | Example |\n|-----------|-------------|---------|\n| `--group-by` | Group patterns by time unit | `--group-by hour` / `day` / `weekday` / `month` |\n\n### Configuration\n| Parameter | Description |\n|-----------|-------------|\n| `--config FILE` | Use custom config file |\n| `--init-config` | Create default config file |\n\n## 💡 Usage Examples\n\n### Basic Analysis\n```bash\n# Recent browsing activity\n./chronika.py --days 7\n\n# Specific browser analysis  \n./chronika.py --browsers chrome --format stats --days 30\n\n# All browsers except problematic Safari\n./chronika.py --exclude-browsers safari --format top-domains\n```\n\n### Search \u0026 Investigation\n```bash\n# Security research analysis\n./chronika.py --search \"hack,security,vulnerability,exploit\" --all --format timeline\n\n# Development workflow analysis\n./chronika.py --domain-include \"github.com,stackoverflow.com\" --format patterns --group-by hour\n\n# Social media usage\n./chronika.py --domain-include \"facebook.com,twitter.com,instagram.com\" --format browser-usage\n\n# Deep search for rare terms\n./chronika.py --search \"cryptocurrency,blockchain\" --no-time-filter --format top-domains\n```\n\n### Professional \u0026 Forensic Use\n```bash\n# Incident response: specific timeframe\n./chronika.py --time-from \"2025-06-01T14:00:00\" --time-to \"2025-06-01T16:00:00\" --format timeline\n\n# SIEM integration\n./chronika.py --browsers chrome --search \"login,admin,auth\" --format splunk --output security_events.log\n\n# Network analysis for Gephi\n./chronika.py --browsers firefox,chrome --format gephi --days 30 --output browsing_network.gexf\n\n# Privacy audit (anonymized)\n./chronika.py --anonymize --format json --days 90 --output privacy_audit.json\n```\n\n### Data Analysis \u0026 Export\n```bash\n# Comprehensive data export\n./chronika.py --format elk --days 30 --output elasticsearch_import.json\n\n# Excel-compatible analysis\n./chronika.py --format csv --search \"work,project\" --output work_analysis.csv\n\n# Statistical reporting\n./chronika.py --format stats --days 30 \u003e monthly_report.txt\n\n# Timeline for presentations\n./chronika.py --format timeline-json --anonymize --days 7 --output presentation_timeline.json\n```\n\n### Advanced Filtering\n```bash\n# Regex filtering for educational domains\n./chronika.py --regex --domain-include \".*\\.edu,.*\\.gov\" --format top-domains\n\n# High-engagement sites only\n./chronika.py --min-visits 10 --format browser-usage --days 30\n\n# Exclude tracking/ad domains\n./chronika.py --domain-exclude \"doubleclick.net,googlesyndication.com,facebook.com\" --format patterns\n\n# Complex time-based analysis\n./chronika.py --time-from \"2025-06-01T09:00:00\" --time-to \"2025-06-01T17:00:00\" --search \"work,meeting,calendar\" --format stats\n```\n\n### Debug \u0026 Troubleshooting\n```bash\n# Debug browser detection issues\n./chronika.py --debug --browsers safari\n\n# Debug filtering problems\n./chronika.py --search \"test\" --debug --limit 5\n\n# Database analysis\n./chronika.py --debug --no-time-filter --limit 10\n```\n\n## 🔧 Configuration\n\nChronika supports TOML configuration files for persistent settings:\n\n```bash\n# Create default configuration\n./chronika.py --init-config\n```\n\n### Configuration Example (`chronika.toml`)\n```toml\n[browsers]\nchrome = true\nfirefox = true  \nsafari = false      # Disabled due to macOS permissions\nbrave = true\nopera = true\nedge = true\nvivaldi = true\ntor = true\nchromium = true\nlibrewolf = true\n\n[output]\nformat = \"timeline\"\nlimit = 100\ndays_back = 7\n\n[display]\nshow_url = true\nshow_visit_count = true\ndate_format = \"%Y-%m-%d %H:%M:%S\"\n\n[filters]\ndomain_whitelist = []           # Example: [\"github.com\", \"stackoverflow.com\"]\ndomain_blacklist = []           # Example: [\"ads.google.com\", \"facebook.com\"]\nkeywords = []                   # Example: [\"python\", \"security\", \"linux\"]\nmin_visit_count = 1\nmax_visit_count = null\ntime_from = null               # Example: \"2025-06-01T00:00:00\"\ntime_to = null                 # Example: \"2025-06-07T23:59:59\"\nuse_regex = false\n\n[analytics]\nenable_stats = true\ngroup_patterns_by = \"hour\"      # hour, day, weekday, month\ntop_domains_limit = 20\ninclude_subdomains = true\n\n[exports]\ninclude_metadata = true\nanonymize_urls = false          # Hash URL paths for privacy\ncompress_output = false\ninclude_user_agent = false\n```\n\n### Preset Configurations\n\n**Security Analysis**\n```toml\n[filters]\nkeywords = [\"security\", \"vulnerability\", \"exploit\", \"hack\", \"penetration\", \"audit\"]\n[output]\nformat = \"splunk\"\ndays_back = 30\n```\n\n**Privacy Research**\n```toml\n[filters]  \ndomain_blacklist = [\"facebook.com\", \"google.com\", \"amazon.com\"]\n[exports]\nanonymize_urls = true\n[output]\nformat = \"json\"\n```\n\n**Development Workflow**\n```toml\n[filters]\ndomain_whitelist = [\"github.com\", \"stackoverflow.com\", \"docs.python.org\", \"developer.mozilla.org\"]\n[analytics]\ngroup_patterns_by = \"hour\"\n[output]\nformat = \"patterns\"\n```\n\n## 📊 Output Formats Explained\n\n### Timeline Display (Default)\n```\n================================================================================\nBROWSER HISTORY TIMELINE (45 entries)\n================================================================================\n\n📅 2025-06-09\n----------------------------------------\n  14:30:15 🌎 [Chrome]\n    📄 GitHub - Browser History Tool\n    🔗 https://github.com/user/browser-history-tool\n    👁️  Visited 3 times\n\n  14:25:42 🦊 [Firefox]\n    📄 Python Documentation\n    🔗 https://docs.python.org/3/\n\n  14:20:18 🦁 [Brave]\n    📄 DuckDuckGo Search Results\n    🔗 https://duckduckgo.com/?q=python+sqlite\n    👁️  Visited 2 times\n```\n\n### Statistics Analysis\n```\n================================================================================\nBROWSER HISTORY STATISTICS\n================================================================================\n\n📊 SUMMARY\n   Total entries: 1,247\n   Total visits: 3,892\n   Unique domains: 156\n   Unique URLs: 1,089\n   Avg visits/URL: 3.1\n\n🌐 BROWSER USAGE\n   Chrome: 534 (42.8%)\n   Firefox: 312 (25.0%)\n   Brave: 231 (18.5%)\n\n🔝 TOP DOMAINS (by frequency)\n   github.com: 89 visits\n   stackoverflow.com: 67 visits\n   docs.python.org: 45 visits\n```\n\n### Browsing Patterns\n```\n================================================================================\nBROWSING PATTERNS (grouped by hour)\n================================================================================\n\n        08:00 │████████████████████                              67 ( 5.4%)\n        09:00 │████████████████████████████████████████████████  124 (10.0%)\n        10:00 │██████████████████████████████████████████████    115 ( 9.2%)\n        14:00 │████████████████████████████████████████████████  122 ( 9.8%)\n        20:00 │████████████████████████                          78 ( 6.3%)\n```\n\n### Professional Export Formats\n\n**Splunk Format**\n```\ntimestamp=\"2025-06-09 14:30:15\" browser=\"Chrome\" domain=\"github.com\" url=\"https://github.com/user/repo\" title=\"GitHub Repository\" visit_count=5 source=\"browser_history\" sourcetype=\"web_history\"\n```\n\n**ELK/Logstash Format**\n```json\n{\"@timestamp\": \"2025-06-09T14:30:15\", \"browser\": \"Chrome\", \"domain\": \"github.com\", \"url\": \"https://github.com/user/repo\", \"title\": \"GitHub Repository\", \"visit_count\": 5, \"event_type\": \"browser_history\"}\n```\n\n**Gephi Network Graph**\n- Exports GEXF format for network visualization\n- Nodes represent unique domains\n- Edges show navigation transitions between domains\n- Edge weights indicate transition frequency\n- Import into Gephi for advanced network analysis\n\n## 🛡️ Security \u0026 Privacy Features\n\n### URL Anonymization\n```bash\n# Anonymize URLs for safe sharing\n./chronika.py --format json --anonymize --output safe_export.json\n```\nURLs are transformed: `https://github.com/user/private-repo` → `https://github.com/path_8472`\n\n### Privacy-Focused Analysis\n```bash\n# Exclude tracking domains\n./chronika.py --domain-exclude \"doubleclick.net,googlesyndication.com,facebook.com\"\n\n# Focus on work/education domains only\n./chronika.py --regex --domain-include \".*\\.company\\.com,.*\\.edu,github\\.com\"\n```\n\n### Security Analysis Examples\n```bash\n# Security research detection\n./chronika.py --search \"exploit,vulnerability,malware,phishing\" --format splunk --output security_research.log\n\n# Login pattern analysis\n./chronika.py --search \"login,signin,auth,admin\" --format patterns --group-by hour\n\n# Suspicious activity detection\n./chronika.py --min-visits 20 --domain-exclude \"company.com\" --format top-domains --days 7\n\n# Incident timeline reconstruction\n./chronika.py --time-from \"2025-06-01T13:00:00\" --time-to \"2025-06-01T15:00:00\" --format timeline --debug\n```\n\n## 🔍 Troubleshooting\n\n### Debug Mode\n```bash\n# Enable comprehensive debugging\n./chronika.py --debug --browsers chrome --search \"test\"\n```\n\nDebug output includes:\n- Database paths and accessibility status\n- Total entries in each database\n- Table structures and available columns\n- Raw SQL query results and sample data\n- Filter application step-by-step\n- Timestamp conversion details\n- Detailed error messages with context\n\n### Common Issues \u0026 Solutions\n\n#### No History Found\n**Symptoms**: \"No browser history found\" or very few results\n**Solutions**:\n```bash\n# Check database accessibility\n./chronika.py --debug --browsers chrome --limit 5\n\n# Try different time ranges\n./chronika.py --no-time-filter --limit 10\n\n# Test specific browser\n./chronika.py --browsers firefox --debug\n```\n\n#### Safari Permission Issues (macOS)\n**Symptoms**: \"Operation not permitted\" or \"Permission denied\"\n**Solutions**:\n1. **Close Safari completely** and retry\n2. **Grant Terminal Full Disk Access**:\n   - System Preferences → Security \u0026 Privacy → Privacy → Full Disk Access\n   - Add Terminal and enable\n3. **Disable Safari temporarily**:\n   ```bash\n   ./chronika.py --exclude-browsers safari\n   ```\n\n#### Missing Search Results  \n**Symptoms**: Expected results not found in search\n**Solutions**:\n```bash\n# Use complete database search\n./chronika.py --search \"keyword\" --no-time-filter --debug\n\n# Check time range\n./chronika.py --search \"keyword\" --days 365 --debug\n\n# Verify search in both titles and URLs\n./chronika.py --search \"keyword\" --all --debug --limit 5\n```\n\n#### Database Locked Errors\n**Symptoms**: \"Database is locked\" errors\n**Solutions**:\n- Close all browser instances completely\n- Wait 30 seconds and retry\n- Check for crashed browser processes:\n  ```bash\n  # macOS\n  ps aux | grep -i chrome\n  killall \"Google Chrome\"\n  \n  # Linux  \n  pkill chrome\n  pkill firefox\n  ```\n\n#### Filter Returns No Results\n**Symptoms**: \"No entries match the specified filters\"\n**Solutions**:\n```bash\n# Debug filter application\n./chronika.py --search \"keyword\" --debug --all\n\n# Test without filters first\n./chronika.py --browsers chrome --limit 10\n\n# Verify filter syntax\n./chronika.py --domain-include \"github.com\" --debug --limit 5\n```\n\n#### Performance Issues\n**Symptoms**: Slow processing or timeouts\n**Solutions**:\n```bash\n# Reduce scope\n./chronika.py --days 30 --limit 500\n\n# Use time filters\n./chronika.py --time-from \"2025-06-01T00:00:00\" --days 7\n\n# Target specific browsers\n./chronika.py --browsers chrome --format stats\n```\n\n### Browser-Specific Issues\n\n#### Chrome/Chromium-based\n- **Path Issues**: Check if using Chrome Beta/Dev versions\n- **Profile Issues**: Tool uses Default profile only\n- **Corporate**: May require different paths in managed environments\n\n#### Firefox-based\n- **Profile Detection**: Tool searches for \"default\" in profile name\n- **Tor Browser**: Special paths, may have limited history\n- **LibreWolf**: Privacy settings may limit history retention\n\n#### Safari (macOS)\n- **System Protection**: macOS protects Safari data heavily\n- **Database Format**: Changes between macOS versions\n- **Container Security**: New Safari versions use sandboxed storage\n\n### Getting Help\n```bash\n# Generate debug report\n./chronika.py --debug --all --limit 1 \u003e debug_report.txt 2\u003e\u00261\n\n# Test all browsers\n./chronika.py --debug --format stats --limit 5 \u003e browser_test.txt 2\u003e\u00261\n\n# Minimal test case\n./chronika.py --browsers chrome --limit 5 --debug\n```\n\n## 📈 Use Cases \u0026 Examples\n\n### Digital Forensics\n```bash\n# Timeline reconstruction\n./chronika.py --time-from \"2025-06-01T08:00:00\" --time-to \"2025-06-01T18:00:00\" --format timeline\n\n# Evidence export\n./chronika.py --format elk --no-time-filter --anonymize --output evidence.json\n\n# Network analysis\n./chronika.py --format gephi --days 30 --output investigation.gexf\n```\n\n### Security Analysis\n```bash\n# Threat hunting\n./chronika.py --search \"malware,phishing,suspicious\" --format splunk --output threats.log\n\n# Attack pattern analysis  \n./chronika.py --domain-include \"suspicious.com\" --format timeline --no-time-filter\n\n# Login behavior analysis\n./chronika.py --search \"login,admin,dashboard\" --format patterns --group-by hour\n```\n\n### Privacy Research\n```bash\n# Tracking analysis\n./chronika.py --search \"tracking,analytics,ads\" --format top-domains --days 30\n\n# Privacy browser comparison\n./chronika.py --browsers brave,firefox,tor --format browser-usage\n\n# Data minimization audit\n./chronika.py --anonymize --format csv --days 90 --output privacy_audit.csv\n```\n\n### Corporate Monitoring\n```bash\n# Productivity analysis\n./chronika.py --domain-exclude \"facebook.com,youtube.com\" --format patterns --group-by hour\n\n# Compliance monitoring  \n./chronika.py --search \"confidential,restricted\" --format splunk --output compliance.log\n\n# Bandwidth analysis\n./chronika.py --format top-domains --min-visits 50 --days 30\n```\n\n### Development \u0026 Research\n```bash\n# Development workflow\n./chronika.py --domain-include \"github.com,stackoverflow.com\" --format patterns\n\n# Research documentation\n./chronika.py --search \"documentation,tutorial,guide\" --format timeline --days 7\n\n# Technology trend analysis\n./chronika.py --search \"python,javascript,rust\" --format stats --days 90\n```\n\n### Requirements\n- Python 3.6+\n- `toml` library\n- Linux or macOS\n- Read access to browser profile directories\n\n### Development Setup\n```bash\ngit clone https://github.com/user/chronika.git\ncd chronika\npython3 -m venv dev_env\nsource dev_env/bin/activate\npip install -r requirements.txt\npip install -r requirements-dev.txt  # If available\n```\n\n### Adding New Browsers\n1. Implement `get_BROWSER_history_path()` function\n2. Determine database format (Chromium-based or Firefox-based)\n3. Add to browser configuration in `collect_browser_history()`\n4. Update configuration defaults\n5. Add documentation and test\n\n### Browser Database Formats\nThe tool handles three main database timestamp formats:\n- **Chromium-based** (Chrome, Brave, Edge, Vivaldi, Opera): Microseconds since 1601-01-01\n- **Firefox-based** (Firefox, Tor, LibreWolf): Microseconds since Unix epoch (1970-01-01)  \n- **Safari**: Seconds since 2001-01-01 (macOS Core Data reference date)\n\n## 📜 License\n\nThis tool is provided for educational, security research, and digital forensics purposes. Users are responsible for compliance with local laws and regulations regarding data privacy and computer access.\n\n**Disclaimer**: Always ensure you have proper authorization before analyzing browser history data, especially in corporate or shared environments.\n---\n\n**Chronika** - *Revealing the stories hidden in your browsing history* 🕒\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frtulke%2Fchronika","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frtulke%2Fchronika","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frtulke%2Fchronika/lists"}