mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-06 21:00:22 +00:00
34 lines
927 B
Plaintext
Executable File
34 lines
927 B
Plaintext
Executable File
/*! \page archive_extractor_page Archive Extractor Module
|
|
|
|
What Does It Do
|
|
========
|
|
|
|
The Archive Extractor module opens ZIP, RAR, and other archive formats and sends the files from those archive files back through the ingest pipeline for analysis.
|
|
|
|
This module expands archive files to enable Autopsy to analyze all files on the system. It enables keyword search and hash lookup to analyze files inside of archives
|
|
|
|
Configuration
|
|
=======
|
|
|
|
There is no configuration required.
|
|
|
|
Using the Module
|
|
======
|
|
Select the checkbox in the Ingest Modules settings screen to enable the Archive Extractor.
|
|
|
|
Ingest Settings
|
|
------
|
|
There are no runtime ingest settings required.
|
|
|
|
Seeing Results
|
|
------
|
|
Each file extracted shows up in the data source tree view as a child of the archive containing it,
|
|
|
|
\image html zipped_children_1.PNG
|
|
<br>
|
|
<br>
|
|
and as an archive under "Views", "File Types", "Archives".
|
|
\image html zipped_children_2.PNG
|
|
|
|
*/
|