Autopsy User Documentation
4.19.3
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
There are two ways to deploy Autopsy:
Regardless of the deployment type, you can download Autopsy from the website:
http://sleuthkit.org/autopsy/download.php
We distribute a Windows installer and ZIP files to run on Linux and OS X.
You should consider either disabling AntiVirus software that runs on your computers that will be running Autopsy or configuring your AntiVirus software to ignore the contents of your case output directory. AntiVirus software may quarantine or even delete some of your results before you get a chance to look at them. Autopsy encodes some of the files that it extracts so that they can not be executed or scanned, but some modules (such as our ZIP extraction module) will directly write files to disk in an unencoded format.
Of course, the risk with disabling AntiVirus software is that your computer could be infected with malware that came from your media.
We recommend a minimum of 16GB of RAM.
By default, Autopsy will use a maximum of 4GB of RAM (not including memory that the Solr text indexing server uses). You can increase this size after installation by changing the Maximum JVM Memory value in the Runtime section under Tools -> Options -> Application.
To install Autopsy, perform the following steps:
If you are behind a proxy and need access to a network with Autopsy or one of the modules, you may set your proxy information in the Tools, Options, General tab as shown in the screenshot below.
If desired, you can set up a Windows file association for .aut files and the Autopsy executable (normally C:\Program Files\Autopsy-(current version)\bin\autopsy64.exe). This will allow you to double click on the .aut file for a case to launch Autopsy with the selected case open. Instructions for setting up file associations can be found by doing a web search for "how to set Windows file associations".
Copyright © 2012-2022 Basis Technology. Generated on Tue Jun 27 2023
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.