[sleuthkit-users] Autopsy and TSK Releases
Brought to you by:
carrier
Menu
▾
▴
[sleuthkit-users] Autopsy and TSK Releases
|
From: Brian C. <ca...@sl...> - 2017-01-18 21:47:33
|
There are new releases of both The Sleuth Kit and Autopsy. New things in Autopsy 4.3.0 are: * Support for slack space on files (as separate virtual files) to enable keyword searching and other analysis * Simple mode for the file extension mismatch module that focuses on only only multimedia and executable files to reduce false positives * New view in tree that shows the MIME types * Tagged items are highlighted in table views * Ordering of columns is saved when user changes them * Support for Android devices with preloaders (uses backup GPT) * Support for images with no file systems (all data is added as unallocated space * User can bulk add list of keywords to a keyword list * New "Experimental" module (activate via Tools, Plugins) with auto ingest feature * Assorted bug fixes and minor enhancements. You can download it from: http://www.sleuthkit.org/autopsy/download.php As was pointed out, we didn't officially release TSK 4.3.1, so this binary release has new things from that release and the 4.4.0 release: 4.4.0: * Compiling in Windows now uses Visual Studio 2015 * tsk_loaddb now adds new files for slack space and JNI was upgraded accordingly. 4.3.1: * NTFS works on 4k sectors * Added support in Java to store local files in encoded form (XORed) * Added Java Account object into datamodel You can download it from: http://www.sleuthkit.org/sleuthkit/download.php |
