forked from sleuthkit/autopsy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README.txt
136 lines (90 loc) · 4.89 KB
/
README.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
Autopsy 3.0
http://www.sleuthkit.org/
March 13, 2013
OVERVIEW
Autopsy is a graphical interface to The Sleuth Kit and other open source digital forensics tools.
Autopsy 3 is a complete rewrite from Autopsy 2 and it is now Java-based.
Although Autopsy is designed to be cross-platform (Windows, Linux, MacOSX), the current version is fully functional and fully tested only on Windows.
We have run it on XP, Vista, and Windows 7 with no problems.
Autopsy 3.0 is released under the Apache 2.0 license.
INSTALLATION
All Autopsy dependencies are bundled with the installer provided.
There is no need for manual installation of additional dependencies if the installer is used.
If you want the Japanese localized version, you must have the Japanese language pack (http://support.microsoft.com/kb/972813) installed and the default locale set to JA. (http://windows.microsoft.com/en-us/windows/change-system-locale#1TC=windows-7).
Refer to the next section for additional info on third-party software requirements to run Autopsy without installer.
Refer to the KNOWN_ISSUES.txt file for known bugs that could cause investigation problems.
SUPPORT
There is a built-in help system in Autopsy once you get it started. There is also a QuickStart Guide that came with the installer.
Send any bug reports or feature requests to the sleuthkit-users e-mail list.
http://www.sleuthkit.org/support.php
LICENSE
The Autopsy code is released under the Apache License, Version 2. See LICENSE-2.0.txt for details.
EMBEDDED SOFTWARE
This section lists the software components and libraries that are used inside of
Autopsy. These tools are bundled with the installer, unless specified otherwise.
JRE (Java Runtime Environment) 1.8
- Web page: http://www.oracle.com/technetwork/java/index.html
- License: http://www.oracle.com/technetwork/java/javase/terms/license/index.html
Netbeans 7.3 RCP platform and .jar files bundled with the platform
- Web page: http://netbeans.org/features/platform/
- License:
http://services.netbeans.org/downloads/licence/nb-7.0-final-2011-04-20-license.txt
Sleuth Kit for analyzing disk images.
- Web page: http://www.sleuthkit.org/sleuthkit/
- License: http://sleuthkit.org/sleuthkit/licenses.php
Libewf for opening E01 files
- Web page: http://sourceforge.net/projects/libewf/
- License: http://www.gnu.org/licenses/lgpl.html
zlib for opening E01 files
- Web page: http://zlib.net/
- License: http://zlib.net/zlib_license.html
Solr (including Lucene and TIKA) for keyword search
- Web page: http://projects.apache.org/projects/solr.html
- License: http://www.apache.org/licenses/LICENSE-2.0
GStreamer for viewing video files
- Web page: http://gstreamer.freedesktop.org/
- License: http://www.gnu.org/licenses/lgpl.html
GStreamer-java for viewing video files
- Web page: http://code.google.com/p/gstreamer-java/
- License: http://www.gnu.org/licenses/lgpl.html
Regripper for pulling recently activity
(Including custom plugins)
- Web page: http://regripper.wordpress.com/
- License: http://www.gnu.org/licenses/gpl.html
Pasco2 for pulling Internet Explorer activity
- Web page: http://sourceforge.net/projects/pasco2/
- License: http://www.gnu.org/licenses/gpl.html
Jericho for extracting content from HTML files
- Web page: http://jerichohtml.sourceforge.net/
- License: http://www.gnu.org/copyleft/lesser.html
Advanced installer 9 (Freeware)
(not embedded in Autopsy, but used to generate Autopsy installer.)
- Web page: http://www.advancedinstaller.com/
Metadata Extractor 2.6.2 for extracting Exif metadata
- Web page: http://www.drewnoakes.com/code/exif/
- License: http://www.apache.org/licenses/LICENSE-2.0
Reflections 0.9.8 for ingest module loading
- Web page: http://code.google.com/p/reflections
- License: http://en.wikipedia.org/wiki/WTFPL
Sigar for process monitoring
- Web page: http://support.hyperic.com/display/SIGAR/Home
- License: http://support.hyperic.com/display/SIGAR/Home#Home-license
7Zip and 7Zip java bindings for 7Zip extractor module
- Web page: http://sevenzipjbind.sourceforge.net/
- License: http://sourceforge.net/directory/license:lgpl/
ImgScalr 4.2 for image resizing in image viewers
- Web page: http://www.thebuzzmedia.com/software/imgscalr-java-image-scaling-library/
- License: http://www.thebuzzmedia.com/software/imgscalr-java-image-scaling-library/#license
EMBEDED RESOURCES
This section lists other resources, such as icons, that are used by Autopsy.
FAMFAMFAM Silk Icons v1.3
- Web page: http://www.famfamfam.com/lab/icons/silk/
- License: http://creativecommons.org/licenses/by/3.0/
Fugue Icons v3.5.6
- Web page: http://p.yusukekamiyamane.com/
- License: http://creativecommons.org/licenses/by/3.0/
WebHostingHub Glyphs
- Web page: http://www.webhostinghub.com/glyphs/
- License: http://creativecommons.org/licenses/by/3.0/
Splashy Icons (free as in free)
- Web page: http://splashyfish.com/icons/