Computer autopsies: use free forensic software

By María Andrea Vignau

Elevator Pitch

A quick introduction to computer forensics, aimed at newcomers who want to see how an expert works, and at forensic practitioners who want to learn more about plugin programming. It covers every task: evidence seizure, forensic copies, analysis, and creating a plugin.

Description

I will give an introduction to forensic expert work using Autopsy, covering:

1- Get evidence. Considerations about collecting evidence in the field and preserving it. Chain of custody.

2- Make forensic copies. Using free, open source software to make forensically sound images of the evidence.

3- Data analysis with Autopsy. The Autopsy and SleuthKit workflow, from creating a case to obtaining reports. Overview of the graphical interface and its possibilities.

4- Extending Autopsy with Python. How to extend Autopsy using Python by creating modules. The development environment, the module types and the use cases of each one.

5- My plugin, used to present evidence in a real case. My real experience using the extension capabilities included in Autopsy, and why they were very helpful in an especially difficult case.