Learn how to initiate and conduct a digital forensic investigation using Autopsy 4.19+, a free and open-source digital forensic toolkit. This comprehensive 39-minute tutorial covers everything from setting up your forensic workstation and organizing case files to processing data, conducting forensic analysis, and generating reports. Explore various Autopsy modules, including Recent Activity, Hash Lookup, File Type Identification, and Keyword Search. Follow a step-by-step guide through the investigation process, including case creation, data source selection, ingest configuration, and analysis workflow. Gain practical insights into forensic techniques such as keyword searching, entropy testing, and file carving. Perfect for both beginners and experienced digital forensic investigators looking to enhance their skills with Autopsy.
Overview
Syllabus
Starting a digital investigation with Autopsy
Setting up your forensic workstation
Organize case files
Start your documentation!
Organizing suspect image data
Starting a new case in Autopsy
Autopsy: Case Information
Autopsy: Optional Information
Autopsy: Select Host
Autopsy: Select Data Source Type
Autopsy: Select Data Source
Autopsy: Configure Ingest
Modules: Recent Activity
Modules: Hash Lookup
Modules: File Type Identification
Modules: Extension Mismatch Detector
Modules: Embedded File Extractor
Modules: Picture Analyzer
Modules: Keyword Search
Modules: Email Parser
Modules: Encryption Detection
Modules: Interesting Files Identifier
Modules: Central Repository
Modules: PhotoRec Carver
Modules: Virtual Machine Extractor
Modules: Data Source Integrity
Modules: ALEAPP
Modules: Plaso
Modules: YARA Analyzer
Modules: iLEAPP
Modules: Android Analyzer
Autopsy module selection strategy
Autopsy: Add Data Source
Autopsy: Processed Data View
Autopsy: Main file view
Autopsy: File detail view
Autopsy: Filters and views
Autopsy: Deleted files filter
Autopsy: Data Artifacts, etc
Example investigation workflow
Case-specific keyword search
Tagging relevant items
Generate findings report
Analysis procedure overview
Autopsy: Images/Videos tool
Conclusions
Taught by
DFIRScience
