Data Artifacts, Analysis Results and Reporting in Autopsy
Offered By: DFIRScience via YouTube
Course Description
Overview
Syllabus
Autopsy Data Artifacts
Exploring the Windows 10 disk image
Autopsy: Data Artifacts
Installed Programs
Metadata
Operating System Information
Recent Documents
Recycle Bin
Run Programs
Run Programs - Verify with additional evidence
Autopsy analysis procedure overview
Shell Bags
USB Device Attached
Web Accounts
Web Bookmarks
Web Cache
Web Cookies
Web Downloads
Web Form Autofill
Web History
Web Search
Autopsy: Analysis Results
Encryption Suspected
EXIF Metadata
Extension Mismatch Detected
Interesting Files
Keyword Hits
Previously Unseen
User Content Suspected
Web Account Type
Web Categories
Artifacts and Results Overview
Bookmarked items review
Generate an artifact report based on bookmarks
Example full Autopsy report
How to use an Autopsy report
Conclusions
Taught by
DFIRScience
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network