Browser Workbench
Drop logs, extract indicators, and match public threat intelligence locally in your browser.
local by default
Dropped files are not uploaded.
Loading WebAssembly module...
Local browser matching
Feed assets download to this page. Dropped files stay in this browser.
Loading Matchy WASM and bundled feed...
Drop log files here to scan immediately
Text logs, JSONL, CSV, and copied evidence exports work best.
Loading feed
Feed
0
Entries
unknown
Generated
unknown
Matchy version
0Files
0 BScanned
0Lines
0Indicators
0Unique queried
0Matches
Hits
| Indicator | Type | Severity | Source | Malware / Threat | Count |
|---|---|---|---|---|---|
| Drop a file to begin scanning. | |||||
Hit Detail
Select a hit to inspect metadata and matching lines.
Evidence Lines
Matching source lines appear here.
Run Locally
After a scan, equivalent CLI commands appear here.
Advanced tools: build feeds, import data, query one indicator, or test extraction
Add Entry
Options
Entries (0)
No entries yet. Add some!
Database Status
Database ready for queries!
Import from File
Drop a feed file here
CSV, JSON, or text indicators
Or Paste Data
CSV format: First column must be
entry or key. Other columns become metadata.
JSON format: Array of objects with
key and optional data fields.
Text format: One entry per line. No metadata - just keys.
Import Results
Import a CSV, JSON, or text file to build a database.
Preview (first 20 entries)
No data imported yet.
Query Database
Batch Input
Results
Build a database first, then run queries here.
Total: 0
Matches: 0
Time: 0ms
Input Text
Extracted Entities
Click "Extract Entities" to find IPs, domains, emails, and hashes.
IPv4
IPv6
Domain
Email
Hash
Crypto