Skip to content

Autopsy 4.7.0
Compare
Choose a tag to compare
@bcarrier bcarrier released this 09 May 03:05
· 17916 commits to develop since this release
autopsy-4.7.0
This tag was signed with the committer’s verified signature.
bcarrier Brian Carrier
GPG key ID: 38AD602EC7454C8B
Learn about vigilant mode.
a96f565

New Features:

  • A graph visualization was added to the Communications tool to make it easier to find messages and relationships.
  • A new "Application" content viewer (lower right) that will contain file-type specific viewers (to reduce number of tabs).
  • New viewer for SQLite databases (in Application content viewer)
  • New viewer for binary PLists (in Appilcation content viewer)
  • L01 files can be imported as data sources.
  • Ingest filters can now use date range conditions for triage.
  • Passwords to open password protected archive files can be entered (by right clicking on the file).
  • Reports (e.g., RegRipper output) generated by ingest modules are now indexed for keyword search.
  • PhotoRec carving module can be configured to keep corrupted files.
  • Sector size can be specified for local drives and images when E01 is wrong or it is a raw image.
  • New data source processor in Experimental module that runs Volatility, adds the outputs as files, and parses the reports to provide INTERESTING_FILE artifacts.
  • Assorted small enhancements are included.

Bug Fixes:

  • Memory leaks and other issues revealed by fuzzing the The Sleuth Kit have
    been fixed.
  • Result views (upper right) and content views (lower right) stay in synch when switching result views.
  • Concurrency bugs in the ingest tasks scheduler have been fixed.
  • Assorted small bug fixes are included.
Assets 8