Autopsy
4.20.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
This page describes the basic concepts and setup that are needed for all types of Java modules. It is not needed for Python module development.
Autopsy is built on top of the NetBeans Rich Client Platform, which makes it easy to make plug-in infrastructures. To do any development, you really need to download NetBeans first. You can in theory develop modules by command line only, but this document assumes that you are using the IDE. Download and install the latest version of the IDE from http://www.netbeans.org.
Autopsy currently requires Java 17. Ensure that it is installed.
Before we can make a module, we must configure NetBeans to know about Autopsy as a platform. This will allow you to access all of the classes and services that Autopsy provides. There are two ways of configuring the NetBeans IDE to know about Autopsy:
The easiest method for obtaining the platform is to install Autopsy on your computer. It will have everything that you need. If you installed it in "C:\Program Files\Autopsy", then the platform is in "C:\Program Files\Autopsy\platform". You can now also download just the ZIP file of the Autopsy release instead of the MSI installer. This maybe more convenient for development situations.
If you want to build against the bleeding edge code and updates that have occurred since the last release, then you must download the latest source code and build it. This involves getting a full development environment setup. Refer to the wiki page at http://wiki.sleuthkit.org/index.php?title=Autopsy_Developer%27s_Guide for details on getting the source code and a development environment setup.
To use the latest Autopsy source code as your development environment, first follow BUILDING.TXT in the root source repository to properly build and setup Autopsy in NetBeans.
Once Autopsy has been successfully built, right click on the Autopsy project in NetBeans and select Package as > ZIP Distribution. Once the ZIP file is created, extract its contents to a directory. This directory is the platform that you will build against. Note that you will building the module against this built platform. If you need to make changes to Autopsy infrastructure for your module, then you will need to then make a new ZIP file and configure your module to use it each time.
The Autopsy modules are encapsulated inside of NetBeans modules. A NetBeans module will be packaged as a single ".nbm" file. A single NetBeans module can contain many Autopsy modules. The NetBeans module is what the user will install and provides things like auto-update.
If this is your first module, then you will need to make a NetBeans module. If you have already made an Autopsy module and are now working on a second one, you can consider adding it to your previous NetBeans module.
To make a NetBeans module:
After the module is created, you will need to do some further configuration.
You now have a NetBeans module that is using Autopsy as its build platform. That means you will have access to all of the services and utilities that Autopsy provides.
There are several optional things in the Properties section. You can add a description and specify the version. You can do all of this later though and it does not need to be done before you start development.
A link about the NetBeans versioning scheme can be found here http://wiki.netbeans.org/VersioningPolicy. Autopsy follows this scheme and a link to the details can be found at http://wiki.sleuthkit.org/index.php?title=Autopsy_3_Module_Versions.
For general NetBeans module information, refer to this guide from NetBeans.org.
You can now add Autopsy modules into the NetBeans container module. There are other pages that focus on that and are listed on the main page. The rest of this document contains info that you will eventually want to come back to though. As you will read in the later sections about the different module types, each Autopsy Module is a Java class that extends an interface (the interface depends on the type of module).
When you are developing your Autopsy module, you can simply choose "Run" on the module and it will launch the Autopsy platform with the module enabled in it. This is also how you can debug the module. If you want to apply changes during debugging and have not changed any method signatures, you can use the "Apply Code Changes" function in NetBeans.
When you are ready to share your module, create an NBM file by right clicking on the module and selecting "Create NBM".
To install the module on a non-development environment, launch Autopsy and choose Plugins under the Tools menu. Open the Downloaded tab and click Add Plugins. Navigate to the NBM file and open it. Next, click Install and follow the wizard.
Copyright © 2012-2022 Basis Technology. Generated on: Tue Aug 1 2023
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.