Meet The Newest Member of the xLeapp FamilyThe newest member of the xLeapp family is lLeapp, which stands for Linux Logs Events Application Program Parser. This program, like all the…May 19, 2022May 19, 2022
Process a ChromeOs Acquisition Using The cLeapp Autopsy PluginWith the introduction of cLeapp (Chrome Logs, Events and Protobuf Parser), I have created an Autopsy plugin that will run cLeapp against a…May 10, 2021May 10, 2021
New Autopsy Modules Now AvailableIt is starting to get to that time of the year where I get ready to submit modules to the OSDFCon Autopsy Module Competition. So far I…Jul 7, 2020Jul 7, 2020
New Release of Autopsy PluginsI have updated my plugins and created a new release of them in my GitHub repository. You can download the new release here.Mar 28, 20191Mar 28, 20191
A Plugin For Developer — Remove ArtifactsWhen I started down my path of creating Autopsy plugins one of the biggest issues I had was in testing them. I would create a case, backup…Dec 6, 2018Dec 6, 2018
ActivitiesCache Autopsy PluginThe ActivitiesCache.db was introduced in Windows 10 version 1803. You can read more details about the database here and here. Eric…Dec 6, 2018Dec 6, 2018
Timesketch with Autopsy DataRenzik now has a new friend in Timesketch. If you have ever wanted to add Timesketch to your Autopsy workflow you now can. The new…Oct 29, 2018Oct 29, 2018
Hashing Non EWF Images In AutopsyAs I was going thru the list of Autopsy requests I found one that talked about hashing Disk Images. Now there is an ingest module to…Aug 28, 2018Aug 28, 2018
New Autopsy Modules Have Been Released……I have released some new modules to my github repository. I will be planning on creating writeups for each one of them within the next…Aug 28, 2018Aug 28, 2018
Parse The Appx Programs In AutopsyHave you recently look at the Settings → Apps → Apps and Features and then compared it to the Program and Features found in the control…May 31, 20182May 31, 20182
