Wallet Sleuth is a cryptocurrency discovery and triage tool, that aims to quickly identify user cryptocurrency addresses and transactions from a variety of popular wallet applications!
Wallet Sleuth has a simple web-based user interface. To start it, run "walletsleuth.py" or the packaged "walletsleuth.exe", and visit 127.0.0.1:5000.
Wallet Sleuth requires three inputs: User Directory, Output Directory and Wallet Selection.
Any identified cryptocurrency addresses and transactions are immediatly displayed in the 'Output' tab directly within the 'Identify' page, a log is also produced and can be viewed on the same page under the 'Process Log' tab. A CSV of the identified data and a log file is produced to the output directory.
| Type | Wallet | Supported Operating System | Supported Browsers |
|---|---|---|---|
| 💻 Desktop | Atomic Wallet | Windows, Macintosh | N/A |
| 💻 Desktop | Bitcoin Core | Windows, Macintosh | N/A |
| 🧩 Browser Extension | Bitget | Windows, Macintosh | Brave, Chrome |
| 🧩 Browser Extension | Coinbase Wallet | Windows, Macintosh | Brave, Chrome |
| 🧩 Browser Extension | Crypto.com Wallet | Windows, Macintosh | Brave, Chrome |
| 💻 Desktop | Dogecoin Core | Windows, Macintosh | N/A |
| 💻 Desktop | Exodus | Windows, Macintosh | N/A |
| 🧩 Browser Extension | Guarda | Windows, Macintosh | Brave, Chrome |
| 💻 Desktop | Guarda | Windows | N/A |
| 💻 Desktop | Ledger Live | Windows, Macintosh | N/A |
| 💻 Desktop | Litecoin Core | Windows, Macintosh | N/A |
| 🧩 Browser Extension | MetaMask | Windows, Macintosh | Brave, Chrome, Edge |
| 🧩 Browser Extension | Phantom | Windows, Macintosh | Brave, Chrome, Edge |
| 🧩 Browser Extension | Rainbow | Windows, Macintosh | Chrome |
| 💻 Desktop | Trezor Suite | Windows, Macintosh | N/A |
| 💻 Desktop | Wasabi Wallet | Windows, Macintosh | N/A |
- Requires Python 3.8 or above.
- To parse Transaction IDs from the Exodus and Guarda cache, the brotli extension is required.
- Macintosh support is currently untested!