Autopsy 4.1.0 Release

Autopsy 4.1.0 has been released after a long drought. So, it has a longer list of features than usual. You can download it from sleuthkit.org. Here is a quick summary of biggish features: New list view in the timeline module.  This view adds to the existing counts...

Python Autopsy Module Tutorial #3: The Report Module

It’s time for the final Python tutorial in this series and just in time to give you a chance to write something for the OSDFCon Autopsy Module Competition. In our last two blog posts, we built Python Autopsy file ingest modules that analyzed the data sources as they...

Python Autopsy Module Tutorial #2: The Data Source Ingest Module

In our last blog post, we built a basic Python Autopsy module that looked for big and round files. In our second post in the Autopsy: Python Module Series, we’re going to make two data source ingest modules. The first focuses on finding SQLite databases and parsing...

Python Autopsy Module Tutorial #1: The File Ingest Module

There is still plenty of time to work on an Autopsy module that will get you cash prizes (and bragging rights) from Basis Technology at OSDFCon 2015. The easiest way for most people to write a module is to use Python and this will be a gentle intro to doing so....