In this post, I would like to share what I have gained during the training which might help people out there. A couple of weeks ago, I attend online and receive one forensic certification related to the Autopsy tool.
For those who are not familiar with Forensic Autopsy tools, it’s a tool that uses the forensic platform and graphical interfaces like Sleuth Kit and other more forensic tools. An autopsy is a tool that normally been used by cyber forensic resources and law enforcement to determine the evidence that happens within the computer and presented it at the court for further action.
Advantages of using Autopsy
Easier to use
From my experience, I notice some of the forensic tools are very hard to work around but Autopsy is a little easy to use because it was been created to be intuitive out of the box.
It has also been easy to install on our machine and installation guideline will bring you through by step-by-step. As a result, it is very rare when the user cannot install it.
Besides the tools been easy to use, Autopsy has also been created extensible so that some of the modules that it normally been out of the box can be used together.
Modules that been used with Autopsy such as follow:
- Timeline Analysis
- Hash Filtering
- Keyword Search
- Web Artifacts
- Data Carving
Quick and Cost Effective
Autopsy will be running in background where it will produce the result as quick as the tools found the data using multiple cores. However, it normally depends on the hard drive which it take a long time if the size of data is huge.
For an organization which is in a tight budget, Autopsy is free and it also provides almost similar core feature comparing with other forensic tools. Additionally, they also offer other essential features, such as web artifact analysis and registry analysis, that other commercial tools do not provide.
For those who want to download autopsy tools, can be found here
Credit: Autopsy website