Chapter 9: Autopsy

Autopsy and The Sleuth Kit, both created by Brian Carrier, go hand in hand. The Sleuth Kit is a powerful suite of CLI forensic tools, whereas Autopsy is the GUI that sits on top of The Sleuth Kit and is accessed through a web browser. The Sleuth Kit supports disk image file types including RAW (DD), EnCase (.01), and the Advanced Forensic Format (AFF).

The topics that we will cover in this chapter include the following:

Introduction to Autopsy
The sample image file used in Autopsy
Digital forensics with Autopsy

Introduction to Autopsy

Autopsy offers GUI access to a variety of investigative command-line tools from The Sleuth Kit, including file analysis, image and file hashing, deleted file recovery, and case management, ...

Get Digital Forensics with Kali Linux - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Digital Forensics with Kali Linux - Second Edition by Shiva V. N. Parasram

Chapter 9: Autopsy

Introduction to Autopsy

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly