mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-06 21:00:22 +00:00
14 lines
1.8 KiB
Plaintext
14 lines
1.8 KiB
Plaintext
/*! \page overview Overview
|
|
|
|
\section Overview
|
|
Autopsy allows you to conduct a digital forensic investigation. It is a graphical interface to The Sleuth Kit and other tools. This page outlines the basic concepts of the program. The remainder of the help guide is organized around these concepts.
|
|
The main Autopsy features include: importing a Data Source (image, disk, files) and exploring its file systems, running analysis modules (ingest), viewing ingest results, viewing content and generating reports.
|
|
Autopsy is an extensible application; it provides a plug-in framework that allows other other parties to supply plug-ins and supply additional: image and file ingest for new types of analysis, different content viewers and different types of reports to be supported. There are plug-ins for for several ingest modules, viewers and reports that are bundled by default with Autopsy.
|
|
All data is organized around the concept of a case. A case can have one or more data sources loaded into it.
|
|
The main window has three major areas:
|
|
\li \ref data_explorer "Data Explorer Tree": This area is where you go find major analysis functionality. It allows you to start finding the relevant files quickly.
|
|
\li \ref result_viewers "Result Viewers": This area is where the files and directories that were found from the explorer window can be viewed. There are different formatting options for the files.
|
|
\li \ref content_viewers "Content Viewers": This area is where file content can be viewed after they are selected from the Result Viewer area.
|
|
The main take away from this should be that analysis techniques and result categories can be found on the left-hand side, the results from choosing something on the left are always listed in the upper right, and the file contents are displayed in the lower left.
|
|
|
|
*/ |