New versions of your favourite open source DFIR tools – the Sleuth Kit and Autopsy, – have been released.
- usnjls tool for NTFS USN log (from noxdafox)
- Added index to mime type column in DB
- Use local SQLite3 if it exists (from uckelman-sf)
- Blackboard Artifacts have a shortDescription metho
- Fix for highest HFS+ inum lookup (from uckelman-sf)
- Fix ISO9660 crash
- various performance fixes and added thread safety checks
- Beta version of new central repository feature has been added for correlating artifacts across
cases; results are displayed using an Interesting Artifacts branch of the Interesting Items tree and an Other Data Sources content viewer.
- Results viewer (top right area of desktop application) sorts are persistent and can be applied to either the table viewer or the thumbnail viewer.
- The View Source File in Directory context menu item now works correctly.
- Tagged image files in the HTML report are now displayed full-size.
- Case deletion is now done using a Case menu item and both single-user and general (not auto ingest) multi-user cases can be deleted.
- Content viewers (bottom right area of desktop application) now resize correctly.
- Some potential deadlocks during ingest have been eliminated.
- Assorted performance improvements, enhancements, and bug fixes.