Docker Explorer is a forensic analysis tool designed to help investigators examine offline Docker filesystems. The tool provides forensics analysts with the ability to explore Docker containers that may have been compromised by reconstructing the container's filesystem view. Docker containers use layered backend filesystems such as AuFS or OverlayFS, where each layer is stored as separate folders on the host system. Docker Explorer interprets the JSON metadata files that Docker uses to manage these layers, allowing analysts to understand the container structure. The tool enables investigators to mount a container's filesystem to a specified location (such as /mnt/container) for analysis. Once mounted, analysts can use standard forensic tools like log2timeline.py or basic file system commands to examine the container contents. Installation options include using a Personal Package Archive (PPA), installing via PyPI package manager, or cloning the source code repository. The typical workflow involves identifying the target container ID, using Docker Explorer to mount the container's filesystem, and then applying forensic analysis techniques to the mounted filesystem.