Initiating a Digital Forensic Investigation with Autopsy 4.19+

This is a mini-course on Autopsy. See chapter times below. Autopsy is a free, open-source, full-features digital forensic investigation tool kit. It is developed by Basis Technology and a large open-source community. You can use Autopsy as the basis to conduct a full digital forensic investigation. You can also expand Autopsy with modules written in Java and Python. Thank you to our Members and Patrons, but especially to our Investigators, TheRantingGeek and Roman! Thank you so much! We take you through how to start a digital investigation case in Autopsy. From organizing your data, starting your forensic documentation, processing case data, forensic analysis workflow, and generating reports. 00:00 Starting a digital investigation with Autopsy 00:11 Setting up your forensic workstation 00:37 Organize case files 02:42 Start your documentation! 03:06 Organizing suspect image data 04:33 Starting a new case in Autopsy 04:42 Autopsy: Case Information 05:59 Autopsy: Optional Information 06:57 Autopsy: Select Host 07:39 Autopsy: Select Data Source Type 09:02 Autopsy: Select Data Source 10:27 Autopsy: Configure Ingest 10:46 Modules: Recent Activity 11:09 Modules: Hash Lookup 12:29 Modules: File Type Identification 14:10 Modules: Extension Mismatch Detector 16:03 Modules: Embedded File Extractor 16:24 Modules: Picture Analyzer 16:45 Modules: Keyword Search 19:34 Modules: Email Parser 19:42 Modules: Encryption Detection 19:58 Modules: Interesting Files Identifier 20:41 Modules: Central Repository 22:10 Modules: PhotoRec Carver 22:42 Modules: Virtual Machine Extractor 23:00 Modules: Data Source Integrity 23:17 Modules: ALEAPP 23:34 Modules: Plaso 23:51 Modules: YARA Analyzer 24:17 Modules: iLEAPP 24:33 Modules: Android Analyzer 24:38 Autopsy module selection strategy 25:13 Autopsy: Add Data Source 25:42 Autopsy: Processed Data View 25:58 Autopsy: Main file view 26:18 Autopsy: File detail view 27:58 Autopsy: Filters and views 28:55 Autopsy: Deleted files filter 29:59 Autopsy: Data Artifacts, etc 30:22 Example investigation workflow 30:43 Case-specific keyword search 31:21 Tagging relevant items 34:46 Generate findings report 37:33 Analysis procedure overview 37:55 Autopsy: Images/Videos tool 38:17 Conclusions Learn how to do forensic keyword searching, entropy testing, YARA basics, file carving, and more with Autopsy digital forensic software. 🚀 Full Digital Forensic Courses → https://learn.dfir.science Links: * Autopsy Software: https://www.autopsy.com/ * HxD Hex Editor Software: https://mh-nexus.de/en/hxd/ * Practice Data: https://dfir.science/assets/data/SuspectData.dd.zip Related Books: * Practical Linux Forensics: A Guide for Digital Investigators (https://amzn.to/3gzXCh9) * Digital Forensics with Open Source Tools (https://amzn.to/34FBrUe) #Autopsy #forensics #investigation #case #dfir 010001000100011001010011011000110110100101100101011011100110001101100101 Get more Digital Forensic Science 👍 Subscribe → https://bit.ly/2Ij9Ojc ❤️ YT Member → https://bit.ly/DFIRSciMember ❤️ Patreon → https://www.patreon.com/dfirscience 🕸️ Blog → https://DFIR.Science 🤖 Code → https://github.com/DFIRScience 🐦 Follow → https://www.twitter.com/DFIRScience 📰 DFIR Newsletter → https://bit.ly/DFIRNews 010100110111010101100010011100110110001101110010011010010110001001100101 Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please link back to the original video. If you want to use this video for commercial purposes, please contact us first. We would love to see what you are doing.