autopsy - Autopsy Forensic Browser

License: ASL 2.0
Autopsy is a graphical interface to The Sleuth Kit and other open source digital forensics tools.
Autopsy 3 was a complete rewrite from Autopsy 2 to make it Java-based.
Autopsy 4 improves on Autopsy 3 by supporting collaboration on a single case by multiple users.

Although Autopsy is designed to be cross-platform (Windows, Linux, MacOSX), the current version
is fully functional and fully tested only on Windows. We have run it on XP, Vista, and Windows
7 with no problems.

Autopsy 4 is released under the Apache 2.0 license.
Some libraries Autopsy uses may have different, but similar, open source licenses.


autopsy-4.18.0-1.fc31.x86_64 [556.4 MiB] Changelog by Lawrence R. Rogers (2021-03-22):
* Release 4.18.0-1
	Keyword Search:
		A major upgrade from Solr 4 to Solr 8.6.3.  Single user cases continue to use the embedded server.  
		Multi-user clusters need to install a new Solr 8 server and can now create a Solr cloud with multiple servers. 
		   NOTE: Cases created with Autopsy 4.18 cannot be opened by previous versions of Autopsy.  Autopsy 4.18 can open older cases though. 
		See for more details. 
		Improved text indexing speed by not doing language detection on unknown file formats and unallocated space. 
	Domain Discovery:
		Added details view to Domain Discovery to show what web-based artifacts are associated with the selected domain. 
		Updated the Domain Discovery grouping and sorting by options. 
		Added basic domain categorization for webmail-based domains.
	Content Viewers:
		Built more specialized viewers for web-based artifacts.
	Data Source Summary: 
		Added a “Geolocations” tab that shows what cities the data source was near (based on geolocation data).
		Added a “Timeline” tab that shows counts of events from the last 30 days the data source was used. 
		Added navigation buttons to jump from the summary view to the main Autopsy UI (for example to go to the map). 
	Ingest Modules:
		New YARA ingest module to flag files based on regular expression patterns. 
		New “Android Analyzer (aLEAPP)” module based on aLEAPP.  Previous “Android Analyzer” also still exists. 
		Updated “iOS Analyzer (iLEAPP)” module to create more artifacts and work on disk images. 
		Hash Database module will calculate SHA-256 hash in addition to MD5.
		Removed Interesting Item rule that flagged existence of Bitlocker (since it ships with Windows). 
		Fixed a major bug in the PhotoRec module that could result in an incorrect file layout if the carved file spanned non-contiguous sectors. 
		Fixed MBOX detection bug in Email module. 
		Attachments from tagged messages are now included in a Portable Case. 
		Added support for Ext4 inline data and sparse blocks (via TSK fix).
		Updated PostgreSQL JDBC driver to support any recent version of PostgreSQL for multi-user cases and PostgreSQL Central Repository.
		Added personas to the summary viewer in CVT.
		Handling of bad characters in auto ingest manifest files.
		Assorted small bug fixes.

Listing created by Repoview-0.6.6-4.el7