Home Services Products CODI AI-Powered DFIR Workbench Nebula Secure Note-Taking Private Clients About Contact Get Started
Sienar Advanced Solutions

CODI: Case Oriented Digital Investigator

AI-powered, coding-first DFIR workbench. Investigate faster with natural language, scripting, and 40+ forensic tool integrations — all in a single binary.

Your Investigation Command Center

CODI brings together the power of AI agents, a full scripting environment, and comprehensive forensic tooling into a single, portable binary. No cloud dependencies. No complex setup. Just open a terminal and start investigating.

  • Single binary — pure Go, zero dependencies
  • Cross-platform — Windows, macOS, Linux
  • Self-hosted — runs entirely on your infrastructure
  • AI-first — natural language-driven investigations
CODI terminal interface showing an AI-driven forensic investigation

Built for DFIR Professionals

Every feature designed to accelerate your investigations while maintaining forensic rigor.

Natural Language Investigation

Ask complex questions like "Did AnyDesk run on this host?" and let the AI agent plan and execute the investigation autonomously.

Case Management

Structured, reproducible investigation workspaces. Organize evidence, notes, findings, and chain of custody in one place.

Go / Python / SQL Scripting

Write and execute scripts directly against evidence using the built-in SDK. Full language support for custom analysis workflows.

40+ Tool Integrations

Disk forensics, memory analysis, network forensics, malware analysis, reverse engineering — all accessible from one interface.

Hypothesis Mode

Sophisticated investigation workflow with adjustable confidence thresholds, chain-of-thought reasoning, and reflection capabilities.

Semantic Search

Vector embeddings and intelligent search powered by Weaviate. Find relevant evidence across massive datasets with natural queries.

How It Works

1

Create & Load

Create a case, load forensic images and evidence. CODI organizes everything in structured, reproducible workspaces.

2

Investigate

Query with natural language or write Go/Python/SQL scripts. The AI agent plans multi-step investigations and executes them.

3

Report & Verify

Generate findings, test hypotheses with confidence scoring, and produce reports with full chain-of-thought audit trails.

CODI investigation workflow diagram

One Binary. Every Platform.

Pure Go architecture means zero dependencies and native performance everywhere.

Windows

x64 / ARM64

macOS

Intel / Apple Silicon

Linux

x64 / ARM64

Comprehensive Tool Integrations

CODI unifies your forensic toolkit. Access everything from disk analysis to reverse engineering through one consistent interface.

Disk Forensics

  • Disk image ingestion (E01/RAW/VMDK/VHD)
  • File system analysis
  • Artifact recovery
  • Timeline generation

Memory Analysis

  • Volatility integration
  • Process analysis
  • Memory artifact extraction
  • Dynamic tracing

Network Forensics

  • PCAP analysis
  • Network flow reconstruction
  • Protocol decoding
  • Traffic analysis

Malware Analysis

  • YARA scanning
  • Static analysis
  • Behavioral analysis
  • Threat intelligence

Reverse Engineering

  • Ghidra integration
  • Radare2 support
  • x64dbg scripts
  • Binary analysis

Data & Logs

  • Log parsing
  • SQL queries
  • Graph analysis (Neo4j)
  • Crypto analysis

Get CODI

One license. Full power.

Perpetual Annual Save 60%
Professional License

CODI Professional

$1,000 per license
  • Single binary — no dependencies
  • Cross-platform (Windows, macOS, Linux)
  • AI-powered natural language investigation
  • Go, Python, and SQL scripting with built-in SDK
  • 40+ forensic tool integrations
  • Hypothesis mode with confidence scoring
  • Semantic search via vector embeddings
  • TUI and optional GUI interfaces
  • Case management and evidence organization
  • Self-hosted — no cloud dependency
  • All updates within current major version
  • Customer portal access

Secure checkout via Stripe

Need volume licensing or have questions? Contact us.

Frequently Asked Questions

What platforms does CODI support?
CODI is a single Go binary that runs natively on Windows, macOS, and Linux. No dependencies or runtime required.
How is the license delivered?
After purchase, you'll receive an email with your license key and a .lic license file. You'll also get access to the customer portal for downloads and license management.
Is there a trial available?
Contact us to discuss evaluation options for your team. We offer guided demonstrations and can arrange trial periods for qualified organizations.
How do updates work?
Perpetual license holders receive all updates within the current major version. Annual subscribers receive all updates for the duration of their subscription, which renews automatically.
Can I use CODI offline?
Yes. CODI is fully self-hosted with no cloud dependency. The AI features work with local LLM providers like Ollama, or you can configure cloud providers when connectivity is available.
What LLM providers are supported?
CODI supports OpenAI, Anthropic, Google, Ollama (local), OpenRouter, and vLLM. You can use any provider or run completely local for air-gapped environments.

Ready to Transform Your Investigations?

Join the next generation of DFIR professionals using AI-powered investigation workflows.

Coming Soon Request a Demo

Also from Sienar

Nebula — Secure Knowledge Engine

Post-quantum encrypted note-taking with multi-level vaults, free device sync, and knowledge graph. Free to start.