mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6342 from APriestman/6813_ileapp

Browse Source 
6813 iLEAPP doc
This commit is contained in:
Richard Cordovano 2020-09-25 13:58:40 -04:00 committed by GitHub
commit 6348591cfa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
docs/doxygen-user/ileapp.dox Normal file
View File

@ -0,0 +1,20 @@
/*! \page ileapp_page iOS Analyzer (iLEAPP)
[TOC]
\section ileapp_overview Overview
The iOS Analyzer ingest module runs iLEAPP (https://github.com/abrignoni/iLEAPP) and converts the results into results that can be viewed in Autopsy.
\section ileapp_config Using the Module
Select the checkbox in the Ingest Modules settings screen to enable the IOS Analzyer (iLEAPP) module. In Autopsy 4.17.0 the module only runs on .tar/.zip files found in a \ref ds_log "logical files data source".
\section ileapp_results Seeing Results
Results from the iOS Analyzer module will appear in the \ref tree_viewer_page under Results->Extracted Content.
\image html ileapp_main.jpg
*/

BIN
docs/doxygen-user/images/ileapp_main.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 216 KiB

1
docs/doxygen-user/main.dox
View File

@ -50,6 +50,7 @@ The following topics are available here:
- \subpage plaso_page - \subpage plaso_page
- \subpage drone_page - \subpage drone_page
- \subpage gpx_page - \subpage gpx_page
- \subpage ileapp_page
- Reviewing the Results - Reviewing the Results
- \subpage uilayout_page - \subpage uilayout_page

1
docs/doxygen-user/quick_start_guide.dox
View File

@ -49,6 +49,7 @@ The standard ingest modules included with Autopsy are:
- <strong>\subpage plaso_page</strong> uses Plaso to create \ref timeline_page "timeline" events. - <strong>\subpage plaso_page</strong> uses Plaso to create \ref timeline_page "timeline" events.
- <strong>\subpage android_analyzer_page</strong> allows you to parse common items from Android devices. Places artifacts into the BlackBoard. - <strong>\subpage android_analyzer_page</strong> allows you to parse common items from Android devices. Places artifacts into the BlackBoard.
- <strong>\subpage gpx_page</strong> extracts geolocation data from .gpx files. - <strong>\subpage gpx_page</strong> extracts geolocation data from .gpx files.
- <strong>\subpage ileapp_page</strong> extracts data from iOS data sources.
When you select a module, you will have the option to change its settings. For example, you can configure which keyword search lists to use during ingest and which hash sets to use. Refer to the individual module help for details on configuring each module. When you select a module, you will have the option to change its settings. For example, you can configure which keyword search lists to use during ingest and which hash sets to use. Refer to the individual module help for details on configuring each module.