Difference between revisions of "Autopsy 3rd Party Modules"

From SleuthKitWiki
Jump to: navigation, search
(Data Content Viewer Modules)
(Ingest Modules)
Line 4: Line 4:
  
 
= Ingest Modules =
 
= Ingest Modules =
Name of module: Autopsy AHBM<br>
+
 
 +
== Autopsy AHBM ==
 +
 
 
Author: Petter Bjelland<br>
 
Author: Petter Bjelland<br>
 
Minimum Autopsy version: 3.0.7<br>
 
Minimum Autopsy version: 3.0.7<br>
Line 13: Line 15:
 
License: Apache 2.0<br>
 
License: Apache 2.0<br>
 
The video presentation is also uploaded to youtube: http://youtu.be/GBmZRufH_3o<br>
 
The video presentation is also uploaded to youtube: http://youtu.be/GBmZRufH_3o<br>
 +
 +
 +
== WindowsRegistryIngestModule ==
 +
 +
Author: Willi Ballenthin<br>
 +
Minimum version of Autopsy required: 3.0.7<br>
 +
Description: An ingest module that extracts Registry keys and values into derived directories and files.
 +
Source URL: http://www.williballenthin.com/git/index.cgi?p=WindowsRegistryIngestModule.git;a=summary
 +
Release Download: N/A
 +
License of source code: Apache 2
  
 
= Data Content Viewer Modules =
 
= Data Content Viewer Modules =

Revision as of 07:22, 18 November 2013

This page will list the third party modules that have been written for Autopsy. Autopsy comes with a set of modules, but other developers are encouraged go write modules instead of stand-alone tools.

Autopsy has many new frameworks and as more modules are written, this page will obviously get longer.

Ingest Modules

Autopsy AHBM

Author: Petter Bjelland
Minimum Autopsy version: 3.0.7
Description:
Released as part of OSDF Con 2013 Development contest. Approximate Hash Based Matching module allows the investigator to efficiently employ sdhash in Autopsy 3. The investigator can match files against other files or sdhash reference sets during ingest, or search for similar files from the directory viewer or search results after ingest.
Source URL: https://github.com/pcbje/autopsy-ahbm
Release Download: https://github.com/pcbje/autopsy-ahbm/releases
License: Apache 2.0
The video presentation is also uploaded to youtube: http://youtu.be/GBmZRufH_3o


WindowsRegistryIngestModule

Author: Willi Ballenthin
Minimum version of Autopsy required: 3.0.7
Description: An ingest module that extracts Registry keys and values into derived directories and files. Source URL: http://www.williballenthin.com/git/index.cgi?p=WindowsRegistryIngestModule.git;a=summary Release Download: N/A License of source code: Apache 2

Data Content Viewer Modules

Name of module: Video Triage
Author: Basis Technology
Minimum Autopsy version: 3.0.7
Description: Takes snapshots of videos so that you do not have to view the entire video to determine what it contains.
Release Download: http://www.basistech.com/digital-forensics/autopsy-modules/

Report Modules

  • No 3rd party modules have been publicly released.