13

Performing a Full DFIR Analysis with the Autopsy 4 GUI

As we saw in Chapter 12, Autopsy Forensic Browser, where we used the Autopsy forensic browser that comes with Kali Linux, Autopsy is quite a powerful tool for automated evidence and file analysis. However, the Autopsy forensic browser has some limitations, especially as it is older and not updated as frequently as the Graphical User Interface (GUI) version. The Autopsy forensic browser has been at version 2.2 for many years, whereas the Autopsy GUI is, at the time of writing, up to version 4.19.

In this chapter, we will focus on the Autopsy v4 GUI (also called the Autopsy 4 GUI) and analyze the very same file used in the previous chapter to compare ...
