Autopsy

Forensics platform and graphical interface to The Sleuth Kit® and other forensics tools.

Installation

Autopsy explain the installation on their website.

Windows

Autopsy for Microsoft Windows x64

Linux

The installation on Linux can be hard due to dependencies needed.

Download the zip file
Linux will need The Sleuth Kit Java .deb Debian package
Follow the instructions to install other dependencies

Docker (recommended)

Autopsy can be deployed on docker via docker hub.

$ xhost +
$ docker run \
            -d \
            -it \
            --shm-size 2G \
            -v /tmp/.X11-unix:/tmp/.X11-unix \
            -v $(pwd)/case/:/root/case \
            -e DISPLAY=$DISPLAY \
            -e JAVA_TOOL_OPTIONS='-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true -Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel' \
            --network host \
            --device /dev/dri \
            bannsec/autopsy --nosplash

Use the --nosplash option on the docker run command line to avoid java error on the launch.

It will create a case folder on the current directory. You will need to insert image memory in this folder to exploit them with autopsy.

PreviousPlugins for Mac NextWindows Forensic

Last updated 1 year ago