Downloads

Download Autopsy 4.17.0

By admin
Spread the love

The Sleuth Kit is a collection of forensic tools that can be used to take a closer look at the hard drive or memory card. It is possible to recover or partially view deleted files. Autopsy is a graphical interface for this kit, and it runs on Linux, macOS and Windows. It is released under the Apache 2.0 license and is written in Java. For more information, please refer to this manual† The developers have released a new version with 4.17.0 as the version number. The changelog for this release looks like this:

GUI:

  • Expanded the Data Source Summary panel to show recent activity, past cases, analysis results, etc. Also made this available from the main UI when a data source is selected.
  • Expanded Discovery UI to support searching for and basic display of web domains. It collapses the various web artifacts into a single view.

Ingest Modules:

  • Added iOS Analyzer module based on iLEAPP and a subset of its artifacts.
  • New Picture Analyzer module that does EXIF ​​extraction and HEIC conversion. HEIC/HEIF images are converted to JPEGs that retain EXIF ​​using ImageMagick (replaces the previous EXIF ​​ingest module).
  • Added support for the latest version of Edge browser that is based on Chromium into Recent Activity. Other Chromium-based browsers are also supported.
  • Updated the rules that search Web History artifacts for search queries. Expanded module to support multiple search engines for ambiguous URLs.
  • Bluetooth pairing artifacts are created based on RegRipper output.
  • Prefetch artifacts record the full path of exes.
  • PhotoRec module allows you to include or exclude specific file types.
  • Upgraded to Tika 1.23.

Performance:

  • Documents are added to Solr in batches instead of one by one.
  • More efficient queries to find WAL files for SQLite databases.
  • Use a local drive for temp files for multi-user cases instead of the shared folder.

Command Line

  • Command line support for report profiles.
  • Restored support for Windows file type association for opening a case in Autopsy by double clicking case metadata (.aut) file.
  • Better feedback for command line argument errors.

Misc:

  • Updated versions of libvmdk, libvhdi, and libewf.
  • Persona UI fixes: Pre-populate account and changed order of New Persona dialog.
  • Streaming ingest support added to auto ingest.
  • Recent Activity module processes now use the global timeout.
  • Option to include Autopsy executable in portable case (Windows only.)
  • Upgraded to NetBeans 11 Rich Client Platform.
  • Added debug feature to save the stack trace on all threads.

Autopsy 4.2, click on the image for a larger version.

Version number 4.17.0
Release status Final
Operating systems Windows 7, Linux, macOS, Windows 8, Windows 10
Website The Sleuth Kit
Download
License type GPL
You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support