The Sleuth Kit
  
Autopsy
     
Features
     
Download
     
Documents
     
History
     
Licenses
     
Version 2
        
Download
  
Sleuth Kit Hadoop
  
mac-robber
  
Case Studies
  




 Get Autopsy at SourceForge.net. Fast, secure and Free Open Source software downloads

Autopsy v3 Features

Inputs:
  • Raw (single or split) disk images
  • E01 disk images
File Systems:
  • NTFS
  • FAT12, FAT16, FAT32
  • HFS+
  • ISO9660
  • Ext2, Ext3
  • UFS
Analysis Features:
  • Hash lookup to ignore known good and flag known bad in NIST NSRL, EnCase, MD5, and HashKeeper formats.
  • Keyword search (using Apache SOLR)
  • Web artifacts (history, bookmarks, cookies, downloads) from Firefox, IE, Chrome and Safari
  • Registry analysis (using RegRipper)
  • Email (MBOX)
  • EXIF extraction from JPEG files
  • View recent file activity
  • Timeline analysis (beta) (screen)
  • Sort files by type
  • Thumbnail viewer
  • Video and image playback
  • Text extraction from HTML, Microsoft Office, PDF, RTF, (using Apache Tika)
  • Unicode strings extraction in many languages (Arabic, Chinese, Japanese, etc.)
  • Bookmarks
Report Formats:
  • HTML
  • CSV