Home Software Autopsy 4.5.0 and the Sleuth Kit 4.5.0 have been released

Autopsy 4.5.0 and the Sleuth Kit 4.5.0 have been released

0
0
2,385

The new versions of your favourite open source digital forensics tools – the Sleuth Kit and Autopsy have been released.

The Sleuth Kit 4.5.0

New Features:

  • Support for LZVN compressed HFS files (from Joel Uckelman).
  • Use sector size from E01 (helps with 4k sector sizes).
  • More specific version number of DB schema.
  • New Local Directory type in DB to differentiate with Virtual Directories.
  • All blackboard artifacts in DB are now ‘content’. Attachments can now be children of their parent message.
  • Added extension as a column in tsk_files table.

Bug Fixes:

  • Faster resolving of HFS hard links.
  • Lots of fixes from Google Fuzzing efforts.

Autopsy 4.5.0

  • Memory usage has been reduced to improve support for very large cases.
  • New central repository feature has been added that allows you to correlate between cases and track if an item was previously identified as being “bad” or notable.
  • Message attachments are not associated with the message (and not just the source file). These can be found in the data sources and messages parts of the tree.
  • Credit card number search has added logic to reduce false positives based on number lengths.
  • Virtual directory nodes in the tree view are distinguished in the Data Sources tree by the addition of a “V” to their icon. These are folders that Autopsy/TSK created.
  • A new version of the automated ingest dashboard has been added to allow insight into pending, running and completed automated ingest jobs in automated ingest Examiner mode.
  • All occurrences of “Known Bad” in the user interface have been changed to “Notable.”
  • Assorted small enhancements and bug fixes are included.
Load More Related Articles
Load More In Software

Leave a Reply

Your email address will not be published. Required fields are marked *