[sleuthkit-users] New Autopsy and TSK Releases

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Autopsy 4.7.0 and The Sleuth Kit 4.6.1 are available for download.

*Autopsy 4.7.0 *Lots of new features, including:

   - A graph visualization was added to the Communications tool to make it
   easier to find messages and relationships.
   - New SQLite and binary PList viewers
   - L01 files can be imported as data sources.
   - Ingest filters can now use date range conditions for triage.
   - Passwords to open password protected archive files can be entered (by
   right clicking on the file).
   - New data source processor in Experimental module that runs Volatility,
   adds the outputs as files, and parses the reports to provide
   INTERESTING_FILE artifacts.
   - Improved support for Linux and OS X.
   - .... [full list of new things is here
   <http://sleuthkit.org/autopsy/history.php>]

More details on the key features can be found from the blog
<https://www.autopsy.com/autopsy-4-7-includes-link-analysis-database-viewers-triage-and-more/>.

You can download Autopsy from here
<http://sleuthkit.org/autopsy/download.php>.

*The Sleuth Kit 4.6.1*
Bug fixes, Linux enhancements for Autopsy, and other Autopsy-based changes:

   - Lots of bounds checking fixes from Google's fuzzing tests.  Thanks
   Goole.
   - Cleanup and fixes from uckelman-sf and others
   - PostgreSQL, libvhdi, & libvmdk are supported for Linux / OS X
   - Fixed display of NTFS GUID in istat - report from Eric Zimmerman.
   - NTFS istat shows details about all FILE_NAME attributes, not just the
   first.  report from Eric Zimmerman.

You can download from here <http://sleuthkit.org/sleuthkit/download.php>.