Sleuth Kit Java Bindings (JNI)  4.8.0
Java bindings for using The Sleuth Kit
WebBrowserArtifactsHelper.java
1 /*
2  * Sleuth Kit Data Model
3  *
4  * Copyright 2019-2020 Basis Technology Corp.
5  * Contact: carrier <at> sleuthkit <dot> org
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 package org.sleuthkit.datamodel.blackboardutils;
20 
21 import java.net.MalformedURLException;
22 import java.net.URL;
23 import java.util.ArrayList;
24 import java.util.Collection;
25 import java.util.Collections;
26 import java.util.StringTokenizer;
27 import org.apache.commons.lang3.StringUtils;
36 
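/**
 * Helper for recording web-browser activity (bookmarks, cookies, downloads,
 * form data, history) as blackboard artifacts on the source content this
 * helper was constructed with.
 *
 * Each {@code addWeb*} method creates one artifact via
 * {@code getContent().newArtifact(...)}, attaches its attributes, posts it to
 * the case blackboard under {@code getModuleName()}, and returns it.
 *
 * NOTE(review): the string arguments presumably originate from browser
 * profile data of the system under examination, so they should be treated as
 * untrusted input by anything that later renders or correlates them. Cookie
 * and autofill values are stored verbatim and may contain session tokens or
 * personal data.
 */
public final class WebBrowserArtifactsHelper extends ArtifactHelperBase {

    /**
     * Creates a helper bound to one case, module name and source content.
     * All three arguments are handed unchanged to {@link ArtifactHelperBase}.
     *
     * @param caseDb     Case the artifacts are posted to.
     * @param moduleName Name recorded as the source module of every attribute
     *                   and posted artifact.
     * @param srcContent Content the artifacts are created on.
     */
    public WebBrowserArtifactsHelper(SleuthkitCase caseDb, String moduleName, Content srcContent) {
        super(caseDb, moduleName, srcContent);
    }

    /**
     * Adds a TSK_WEB_BOOKMARK artifact with no additional attributes.
     *
     * @param url          Bookmarked URL; always recorded as TSK_URL.
     * @param title        Bookmark title, passed to addAttributeIfNotNull.
     * @param creationTime Creation time, passed to addAttributeIfNotZero.
     * @param progName     Name of the browser program, passed to
     *                     addAttributeIfNotNull.
     *
     * @return The posted bookmark artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebBookmark(String url, String title, long creationTime, String progName) throws TskCoreException, BlackboardException {
        return addWebBookmark(url, title, creationTime, progName, Collections.emptyList());
    }

    /**
     * Adds a TSK_WEB_BOOKMARK artifact.
     *
     * @param url                 Bookmarked URL; always recorded as TSK_URL
     *                            and used to derive TSK_DOMAIN.
     * @param title               Bookmark title, passed to
     *                            addAttributeIfNotNull.
     * @param creationTime        Creation time, passed to
     *                            addAttributeIfNotZero.
     * @param progName            Name of the browser program, passed to
     *                            addAttributeIfNotNull.
     * @param otherAttributesList Extra attributes appended after the standard
     *                            ones. Must not be null (it is passed to
     *                            {@code Collection.addAll}); use an empty
     *                            collection for "none".
     *
     * @return The posted bookmark artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebBookmark(String url, String title, long creationTime, String progName,
            Collection<BlackboardAttribute> otherAttributesList) throws TskCoreException, BlackboardException {

        // create artifact
        BlackboardArtifact bookMarkArtifact = getContent().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK);

        // construct attributes
        Collection<BlackboardAttribute> attributes = new ArrayList<>();
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL, getModuleName(), url));

        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_CREATED, creationTime, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_TITLE, title, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN, extractDomain(url), attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME, progName, attributes);

        // add attributes to artifact
        attributes.addAll(otherAttributesList);
        bookMarkArtifact.addAttributes(attributes);

        // post artifact
        getSleuthkitCase().getBlackboard().postArtifact(bookMarkArtifact, getModuleName());

        return bookMarkArtifact;
    }

    /**
     * Adds a TSK_WEB_COOKIE artifact with no additional attributes.
     *
     * @param url          URL the cookie belongs to; always recorded as
     *                     TSK_URL.
     * @param creationTime Cookie time, passed to addAttributeIfNotZero.
     * @param name         Cookie name, passed to addAttributeIfNotNull.
     * @param value        Cookie value, passed to addAttributeIfNotNull.
     * @param programName  Name of the browser program, passed to
     *                     addAttributeIfNotNull.
     *
     * @return The posted cookie artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebCookie(String url, long creationTime,
            String name, String value, String programName) throws TskCoreException, BlackboardException {

        return addWebCookie(url, creationTime, name, value, programName, Collections.emptyList());
    }

    /**
     * Adds a TSK_WEB_COOKIE artifact.
     *
     * The cookie value is stored verbatim as TSK_VALUE; it may be a live
     * session token, so the resulting case data needs the same handling as
     * any other credential material.
     *
     * @param url                 URL the cookie belongs to; always recorded
     *                            as TSK_URL and used to derive TSK_DOMAIN.
     * @param creationTime        Cookie time, recorded as TSK_DATETIME via
     *                            addAttributeIfNotZero.
     * @param name                Cookie name, passed to
     *                            addAttributeIfNotNull.
     * @param value               Cookie value, passed to
     *                            addAttributeIfNotNull.
     * @param programName         Name of the browser program, passed to
     *                            addAttributeIfNotNull.
     * @param otherAttributesList Extra attributes appended after the standard
     *                            ones. Must not be null; use an empty
     *                            collection for "none".
     *
     * @return The posted cookie artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebCookie(String url,
            long creationTime, String name, String value, String programName,
            Collection<BlackboardAttribute> otherAttributesList) throws TskCoreException, BlackboardException {

        // create artifact
        BlackboardArtifact cookieArtifact = getContent().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE);

        // construct attributes
        Collection<BlackboardAttribute> attributes = new ArrayList<>();
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL, getModuleName(), url));

        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME, creationTime, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME, name, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE, value, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN, extractDomain(url), attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME, programName, attributes);

        // add attributes to artifact
        attributes.addAll(otherAttributesList);
        cookieArtifact.addAttributes(attributes);

        // post artifact
        getSleuthkitCase().getBlackboard().postArtifact(cookieArtifact, getModuleName());

        return cookieArtifact;
    }

    /**
     * Adds a TSK_WEB_DOWNLOAD artifact with no additional attributes.
     *
     * @param url         URL the file was downloaded from.
     * @param startTime   Download time, passed to addAttributeIfNotZero.
     * @param path        Path of the downloaded file.
     * @param programName Name of the browser program, passed to
     *                    addAttributeIfNotNull.
     *
     * @return The posted download artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebDownload(String url, long startTime, String path, String programName) throws TskCoreException, BlackboardException {
        // The delegate takes (url, startTime, path, ...). Passing path first
        // would record the file path as TSK_URL (and derive TSK_DOMAIN from it)
        // and the URL as TSK_PATH, so the arguments are forwarded in the
        // delegate's declared order.
        return addWebDownload(url, startTime, path, programName, Collections.emptyList());
    }

    /**
     * Adds a TSK_WEB_DOWNLOAD artifact.
     *
     * @param url                 URL the file was downloaded from; always
     *                            recorded as TSK_URL and used to derive
     *                            TSK_DOMAIN.
     * @param startTime           Download time, recorded as
     *                            TSK_DATETIME_ACCESSED via
     *                            addAttributeIfNotZero.
     * @param path                Path of the downloaded file; always recorded
     *                            as TSK_PATH.
     * @param programName         Name of the browser program, passed to
     *                            addAttributeIfNotNull.
     * @param otherAttributesList Extra attributes appended after the standard
     *                            ones. Must not be null; use an empty
     *                            collection for "none".
     *
     * @return The posted download artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebDownload(String url, long startTime, String path, String programName,
            Collection<BlackboardAttribute> otherAttributesList) throws TskCoreException, BlackboardException {

        // create artifact
        BlackboardArtifact webDownloadArtifact = getContent().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD);

        // construct attributes
        Collection<BlackboardAttribute> attributes = new ArrayList<>();
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH, getModuleName(), path));
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL, getModuleName(), url));

        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, startTime, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME, programName, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN, extractDomain(url), attributes);

        // add attributes to artifact
        attributes.addAll(otherAttributesList);
        webDownloadArtifact.addAttributes(attributes);

        // post artifact
        getSleuthkitCase().getBlackboard().postArtifact(webDownloadArtifact, getModuleName());

        return webDownloadArtifact;
    }

    /**
     * Adds a TSK_WEB_FORM_ADDRESS artifact with no additional attributes.
     *
     * @param personName     Person name; always recorded as TSK_NAME.
     * @param email          Email address, may be blank.
     * @param phoneNumber    Phone number, may be blank.
     * @param mailingAddress Mailing address, passed to addAttributeIfNotNull.
     * @param creationTime   Creation time, passed to addAttributeIfNotZero.
     * @param accessTime     Last access time, passed to addAttributeIfNotZero.
     * @param count          Use count, passed to addAttributeIfNotZero.
     *
     * @return The posted form-address artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebFormAddress(String personName, String email,
            String phoneNumber, String mailingAddress,
            long creationTime, long accessTime, int count) throws TskCoreException, BlackboardException {
        return addWebFormAddress(personName, email, phoneNumber,
                mailingAddress, creationTime, accessTime, count,
                Collections.emptyList());
    }

    /**
     * Adds a TSK_WEB_FORM_ADDRESS artifact and, for a non-blank email or
     * phone number, an account file instance of type EMAIL or PHONE on the
     * source content.
     *
     * The account instances are created before the artifact; if a later step
     * throws, they are not rolled back by this method.
     *
     * @param personName          Person name; always recorded as TSK_NAME.
     * @param email               Email address; recorded as TSK_EMAIL via
     *                            addAttributeIfNotNull.
     * @param phoneNumber         Phone number; recorded as TSK_PHONE_NUMBER
     *                            via addAttributeIfNotNull.
     * @param mailingAddress      Mailing address; recorded as TSK_LOCATION
     *                            via addAttributeIfNotNull.
     * @param creationTime        Creation time, passed to
     *                            addAttributeIfNotZero.
     * @param accessTime          Last access time, passed to
     *                            addAttributeIfNotZero.
     * @param count               Use count, passed to addAttributeIfNotZero.
     * @param otherAttributesList Extra attributes appended after the standard
     *                            ones. Must not be null; use an empty
     *                            collection for "none".
     *
     * @return The posted form-address artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebFormAddress(String personName, String email,
            String phoneNumber, String mailingAddress,
            long creationTime, long accessTime, int count,
            Collection<BlackboardAttribute> otherAttributesList) throws TskCoreException, BlackboardException {

        // register the email / phone number as accounts seen in this content
        CommunicationsManager commManager = this.getSleuthkitCase().getCommunicationsManager();
        if (StringUtils.isNotBlank(email)) {
            commManager.createAccountFileInstance(Account.Type.EMAIL, email, this.getModuleName(), this.getContent());
        }

        if (StringUtils.isNotBlank(phoneNumber)) {
            commManager.createAccountFileInstance(Account.Type.PHONE, phoneNumber, this.getModuleName(), this.getContent());
        }

        // create artifact
        BlackboardArtifact webFormAddressArtifact = getContent().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_FORM_ADDRESS);

        // construct attributes
        Collection<BlackboardAttribute> attributes = new ArrayList<>();
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME, getModuleName(), personName));

        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL, email, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER, phoneNumber, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LOCATION, mailingAddress, attributes);

        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_CREATED, creationTime, attributes);
        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, accessTime, attributes);
        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COUNT, count, attributes);

        // add attributes to artifact
        attributes.addAll(otherAttributesList);
        webFormAddressArtifact.addAttributes(attributes);

        // post artifact
        getSleuthkitCase().getBlackboard().postArtifact(webFormAddressArtifact, getModuleName());

        return webFormAddressArtifact;
    }

    /**
     * Adds a TSK_WEB_FORM_AUTOFILL artifact with no additional attributes.
     *
     * @param name         Form field name; always recorded as TSK_NAME.
     * @param value        Stored field value; always recorded as TSK_VALUE.
     * @param creationTime Creation time, passed to addAttributeIfNotZero.
     * @param accessTime   Last access time, passed to addAttributeIfNotZero.
     * @param count        Use count, passed to addAttributeIfNotZero.
     *
     * @return The posted autofill artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebFormAutofill(String name, String value,
            long creationTime, long accessTime, int count) throws TskCoreException, BlackboardException {
        return addWebFormAutofill(name, value, creationTime, accessTime, count,
                Collections.emptyList());
    }

    /**
     * Adds a TSK_WEB_FORM_AUTOFILL artifact.
     *
     * The field value is stored verbatim as TSK_VALUE, whatever the user once
     * typed into the form.
     *
     * @param name                Form field name; always recorded as
     *                            TSK_NAME.
     * @param value               Stored field value; always recorded as
     *                            TSK_VALUE.
     * @param creationTime        Creation time, passed to
     *                            addAttributeIfNotZero.
     * @param accessTime          Last access time, passed to
     *                            addAttributeIfNotZero.
     * @param count               Use count, passed to addAttributeIfNotZero.
     * @param otherAttributesList Extra attributes appended after the standard
     *                            ones. Must not be null; use an empty
     *                            collection for "none".
     *
     * @return The posted autofill artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebFormAutofill(String name, String value,
            long creationTime, long accessTime, int count,
            Collection<BlackboardAttribute> otherAttributesList) throws TskCoreException, BlackboardException {

        // create artifact
        BlackboardArtifact webFormAutofillArtifact = getContent().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_FORM_AUTOFILL);

        // construct attributes
        Collection<BlackboardAttribute> attributes = new ArrayList<>();
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME, getModuleName(), name));
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE, getModuleName(), value));

        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_CREATED, creationTime, attributes);
        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, accessTime, attributes);
        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COUNT, count, attributes);

        // add attributes to artifact
        attributes.addAll(otherAttributesList);
        webFormAutofillArtifact.addAttributes(attributes);

        // post artifact
        getSleuthkitCase().getBlackboard().postArtifact(webFormAutofillArtifact, getModuleName());

        return webFormAutofillArtifact;
    }

    /**
     * Adds a TSK_WEB_HISTORY artifact with no additional attributes.
     *
     * @param url         Visited URL; always recorded as TSK_URL.
     * @param accessTime  Visit time, passed to addAttributeIfNotZero.
     * @param referrer    Referrer, passed to addAttributeIfNotNull.
     * @param title       Page title, passed to addAttributeIfNotNull.
     * @param programName Name of the browser program, passed to
     *                    addAttributeIfNotNull.
     *
     * @return The posted history artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebHistory(String url, long accessTime,
            String referrer, String title, String programName) throws TskCoreException, BlackboardException {
        return addWebHistory(url, accessTime, referrer, title, programName,
                Collections.emptyList());
    }

    /**
     * Adds a TSK_WEB_HISTORY artifact.
     *
     * @param url                 Visited URL; always recorded as TSK_URL and
     *                            used to derive TSK_DOMAIN.
     * @param accessTime          Visit time, recorded as
     *                            TSK_DATETIME_ACCESSED via
     *                            addAttributeIfNotZero.
     * @param referrer            Referrer, passed to addAttributeIfNotNull.
     * @param title               Page title, passed to addAttributeIfNotNull.
     * @param programName         Name of the browser program, passed to
     *                            addAttributeIfNotNull.
     * @param otherAttributesList Extra attributes appended after the standard
     *                            ones. Must not be null; use an empty
     *                            collection for "none".
     *
     * @return The posted history artifact.
     *
     * @throws TskCoreException    Declared by the underlying case operations.
     * @throws BlackboardException Declared by the blackboard post.
     */
    public BlackboardArtifact addWebHistory(String url, long accessTime,
            String referrer, String title, String programName,
            Collection<BlackboardAttribute> otherAttributesList) throws TskCoreException, BlackboardException {

        // create artifact
        BlackboardArtifact webHistoryArtifact = getContent().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY);

        // construct attributes
        Collection<BlackboardAttribute> attributes = new ArrayList<>();
        attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL, getModuleName(), url));

        addAttributeIfNotZero(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, accessTime, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_TITLE, title, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER, referrer, attributes);

        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME, programName, attributes);
        addAttributeIfNotNull(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN, extractDomain(url), attributes);

        // add attributes to artifact
        attributes.addAll(otherAttributesList);
        webHistoryArtifact.addAttributes(attributes);

        // post artifact
        getSleuthkitCase().getBlackboard().postArtifact(webHistoryArtifact, getModuleName());

        return webHistoryArtifact;
    }

    // TBD: this is duplicated in Autopsy.
    // We should move this to new Util class in TSK, and have Autopsy delegate to it.
    /**
     * Derives the value stored as TSK_DOMAIN from a URL string.
     *
     * When {@link URL} can parse the string and reports a non-blank host,
     * that full host is returned (constructed example:
     * {@code http://www.example.com/a} gives {@code www.example.com}).
     * Otherwise {@link #getBaseDomain(String)} is used, which keeps only the
     * last two labels. The two paths therefore do not produce the same shape
     * of value, and anything correlating artifacts on TSK_DOMAIN has to
     * allow for that.
     *
     * @param urlString URL to inspect, may be null.
     *
     * @return The host or base domain; an empty string when the argument is
     *         null or no domain could be derived.
     */
    private static String extractDomain(String urlString) {
        if (urlString == null) {
            return "";
        }

        String host;
        try {
            // Parsing only: the host is read back from the parsed URL.
            host = new URL(urlString).getHost();
        } catch (MalformedURLException ex) {
            // not a valid URL - we will try to extract it ourselves
            host = null;
        }

        // was not a valid URL (or had no host), try a less picky method
        if (StringUtils.isBlank(host)) {
            return getBaseDomain(urlString);
        }
        return host;
    }

    /**
     * Best-effort extraction of a two-label domain from a string that
     * {@link URL} could not parse.
     *
     * The scheme prefix and everything from the first '/' on are dropped,
     * then the last two dot-separated labels of what remains are joined.
     * This is not a registrable-domain computation: for a host under a
     * multi-label suffix the suffix itself is returned (constructed example:
     * {@code www.example.co.uk} gives {@code co.uk}).
     *
     * @param url URL-like string, must not be null.
     *
     * @return The last two labels of the host, or an empty string when the
     *         result contains one of the rejected characters or has no '.'.
     */
    private static String getBaseDomain(String url) {
        // Strip the scheme. The pattern is anchored and may not cross a '/',
        // so only a "scheme://" prefix is removed. A greedy ".*://" would
        // instead cut through the LAST "://" in the string, and a URL embedded
        // in the path or query (e.g. a redirect parameter) would then be
        // reported as the domain.
        String cleanUrl = url.replaceFirst("^[^/]*://", "");

        // strip after slashes
        String[] dirToks = cleanUrl.split("/");
        String host = (dirToks.length > 0) ? dirToks[0] : cleanUrl;

        // get the domain part from host (last 2 labels)
        StringTokenizer tok = new StringTokenizer(host, ".");
        StringBuilder hostB = new StringBuilder();
        int toks = tok.countTokens();

        for (int count = 0; count < toks; ++count) {
            String part = tok.nextToken();
            int remaining = toks - count;
            if (remaining < 3) {
                hostB.append(part);
            }
            if (remaining == 2) {
                hostB.append('.');
            }
        }

        String base = hostB.toString();

        // verify there are no special characters in there; this also rejects
        // hosts that still carry a port (':') or userinfo ('@')
        if (base.matches(".*[~`!@#$%^&\\*\\(\\)\\+={}\\[\\];:\\?<>,/ ].*")) {
            return "";
        }

        // verify that the base domain actually has a '.', details JIRA-4609
        if (!base.contains(".")) {
            return "";
        }

        return base;
    }
}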

Copyright © 2011-2020 Brian Carrier. (carrier -at- sleuthkit -dot- org)
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.