Autopsy is an open source software that is used to perform forensic operations on hard drives and smartphones.
This tool is used:
- law enforcement
- local police
- corporate security departments
— , Autopsy .
:
-
- :
- MIME
- :
-
-
- Timeline
- Discovery
- /
Autopsy Windows "New Case".
, , .
.
. :
- Disk Image or VM file: , :
- Local Disk: , :
- USB
- . .
- Logical Files: .
- Unallocated Space Image File: , Ingest.
- Autopsy Logical Imager Results: .
- XRY Text Export: XRY.
. .
Ingest.
Ingest :
. . .
MIME.
Autopsy , , MIME , , . .
:
, , :
- . .
, .
.
.
, .
5 :
- HTML
- Office
, HTML-. .
PDF, PDF- .
.
.
:
- .exe
- .dll
- .bat
- .cmd
- .com
MIME
:
.
Deleted Files: , .
MB Size Files: , 50 . .
.
Extracted Content: . :
.
Metadata: , :
- . .
Recycle Bin: , .
Web Downloads: , .
Keyword Hits: . :
- . .
.
CSV.
Timeline
:
Discovery
, .
.
/
.
:
- . .
, , , .
.
, .
HTML.
!
