Usage of Autopsy Browser
Step 1: Opening Autopsy by typing the command in the terminal.
- Click on Applications in Kali Linux
- Search for autopsy
- Enter the password in autopsy(root)
root@kali:~# autopsy -h
Invalid flag: -h
/usr/bin/autopsy is the command to use.
[-c][-C][-d evid_locker][[-i device filesystem mnt][-p port][remoteaddr]
-c: in the URL, force a cookie.
-C: No cookies are allowed in the URL.
-i device filesystem mnt: provide the evidence locker directory.
-d dir: specify the evidence locker directory.
-p port: provide the port of the server (default: 9999).
remoteaddr: use the browser to provide the host (default: localhost).
Step 2: Launching Autopsy through the browser.
Click on the link of localhost from the autopsy shell to launch autopsy in the default browser.
Now, we will select the name from the list. Here, we have selected the name Sudo.
Step 3: Adding Host.
- Start a new case.
- Add a new host or select any previously created firewall.
Step 4: Adding Image.
After creating the host, upload the image of the drive(generally have an extension of .dd).
Step 5: Analyzing Files.
After this click on FILE ANALYSIS.
Autopsy – Cyber Forensic Browser in Kali Linux
The Autopsy is a cyber forensic tool used for the analysis of Windows and UNIX file systems (NTFS, FAT, FFS, EXT2FS, and EXT3FS). It can also be used to recover deleted files and also show various sectors of uploaded images making it easier to make an in-depth analysis of the image. In this article, we will go through the actual usage of Autopsy Forensic Browser on the Linux operating system.
Contact Us