First Download autopsy
from here and install in your pc.
Click ‘Create a New Case’ option.
A new page will open. Enter the details in ‘Case Name’ and ‘Base Directory’ and
choose the location to save the report e.g. :c\users\raj\desktop\auto. Then
click on next to proceed to next step.
Here
in next step you have to enter the case number and Examiner details and click on finish to proceed to next step
In
Step 2. Configure ingest Modules I have chosen all the modules as I am
looking for complete information on evidence device or disk or system etc. and click next to proceed further.
In
Add Data Source just click on finish to generate the
report of the device and you can perform complete investigate on the victim
device or system or any other disk. It will process the data Source and add it
to local database.
After
Process completion, it will show Forensic Investigation Report. Now click on
Devices Attached option, it will show the list of attached device with system.
Now
click on EXIF Metadata (Exchangeable image file
format for images, sound used by Digital Camera, Smartphone and scanner).It
will show the image files.
Now click on Installed Programs to see the entire installed
programs in the system.
Click Operating System Information. It will show the entire
operating system list.
Now Select Operating System
User Account Optiion . It will Display the name of all the user Accounts.
Now click on Recent Documents Option, it will display latest
created or opened documents.
Click Web Bookmarks Option to see all the bookmarks by
system users in different browsers.
To see web cookies, select web cookies option.
To See Web Downloads, Click on Web Downloads option.
To check internet History, click on Web History Option.
To see the history of internet search, click on Web Search
Option.
To see the list of all email ids in the system, click on
email address.
0 comments:
Post a Comment