Autopsy – A Digital Forensic Tool

Autopsy is a forensic tool that is used by law enforcement, military, and corporate examiners to investigate what happened on a computer or a smartphone. It has a plug-in architecture that allows you to find add-on modules or develop custom modules in Java or Python.


Autopsy offers the following features:




  • Multi-User Cases: Collaborate with fellow examiners on large cases.



  • Timeline Analysis: Displays system events in a graphical interface to help identify activity.



  • Keyword Search: Text extraction and index searched modules enable you to find files that mention specific terms and find regular expression patterns.



  • Web Artifacts: Extracts web activity from common browsers to help identify user activity.



  • Registry Analysis: Uses RegRipper to identify recently accessed documents and USB devices.



  • LNK File Analysis: Identifies shortcuts and accessed documents.



  • Email Analysis: Parses MBOX format messages, such as Thunderbird.



  • EXIF: Extracts geolocation and camera information from JPEG files.



  • File Type Sorting: Group files by their type to find all images or documents.



  • Media Playback: View videos and images in the application and not require an external viewer.



  • Thumbnail viewer: Displays thumbnail of images to help quick view pictures.



  • Robust File System Analysis:Support for common file systems, including NTFS, FAT12/FAT16/FAT32/ExFAT, HFS+, ISO9660 (CD-ROM), Ext2/Ext3/Ext4, Yaffs2, and UFS from The Sleuth Kit.



  • Hash Set Filtering: Filter out known good files using NSRL and flags known bad files using custom hash sets in HashKeeper, md5sum, and EnCase formats.



  • Tags: Tag files with arbitrary tag names, such as ‘bookmark’ or ‘suspicious’, and add comments.



  • Unicode Strings Extraction:Extracts strings from unallocated space and unknown file types in many languages (Arabic, Chinese, Japanese, etc.).



  • File Type Detection based on signatures and extension mismatch detection.



  • Interesting Files Module will flag files and folders based on name and path.

  • Android Support: Extracts data from SMS, call logs, contacts, Tango, Words with Friends, and more.


Download Autospy

Comments

Post a Comment

Popular posts from this blog

How To Hack WIFI WPS pin With Kali Linux

Image
Today I’m gonna tell you. HOW TO HACK WIFI WPS PIN. Kali Linux can be used for many things, but it probably is best known for its ability to penetration test, or hack wifi wps pin . There are hundreds of Windows applications that claim they can hack WPA , don’t get them! They’re just scams, used by professional hackers, to lure newbie or wannabe hackers into getting hacked themselves. Warning..!! WIFI hacking is illegal. “This tutorial is only for educational purposes. I am not responsible for any consequences.” Hack WIFI WPS PIN using reaver method. So lets Start Cracking Step 1:  Open Terminal and Find out the name of your wireless adapter. , type ifconfig on a terminal. See the result. (here my wireless adapter is ‘wlan0’).  Step 2:  Enable Monitor mode. Now, we use a tool called airmon-ng to create a virtual interface called mon. Just type. airmon-ng start wlan0 Step 3:  Type the following commands on terminal. airmon-ng check kill Step 4 :   To find WPS networks ,we'll
Read more

World’s Fastest Camera Takes 5 Trillion Photos Per Second, Can Pause Moving Light

Image
High-speed cameras taking 100,000 pictures in one second are enough to fascinate us. But what about a camera that can film at a rate of 5 trillion images per second. It’s created by the researchers Elias Kristensson and Andreas Ehn at the Lund University in Sweden. The camera can make light slow enough that it could be analyzed by humans. In other words, it can be used to record events happening in the 0.2 trillionths of a second. In 2011, a similar camera device was created by the MIT Media Lab. But it was slower and capable of capturing 1 trillion images per second. The researchers demonstrated the camera by filming photons of light traveling a distance equivalent to the thickness of a paper. The trillion camera works in a different way in comparison to the normal high-speed cameras. [youtube https://www.youtube.com/watch?v=2fjP02EpJac?feature=oembed&w=669&h=502] In the method, laser light pulses with a unique code are slashed on the subject. The reflected pulses captured by
Read more

creak – Poison, Reset, Spoof, Redirect MITM Script

Image
Performs some of the most famous MITM attack on target addresses located in a local network. Among these, deny navigation and download capabilities of a target host in the local network performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a didactic project for learning python language, I decline every responsibility for any abuse, including malevolent or illegal use of this code. Installation  1 2 3 $ git clone https : //github.com/codepr/creak.git $ cd creak $ python setup . py install or simply clone the repository and run the creak.py after all requirements are installed: 1 $ git clone https : //github.com/codepr/creak.git It is required to have installed pcap libraries for raw packet manipulations and dpkt module, for dns spoofing options is required to have installed dnet module from libdnet package, do not confuse it with pydnet (network evaluation tool) module. It can use also scapy if desired, can just be set in the c
Read more