IPED
IPED copied to clipboard
sepinf-inc
IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by p...
The filter Hash\ Alert\ (Child\ Porn) in top left combo filters list, lists some CarveLed* files, but not all of them. Maybe this happens because not the entire file was...
Apple MOV media file store geolocation in metadata "video:com.apple.quicktime.location.ISO6709" and it is not parsed to fill IPED property "common:geo:locations", so filter "Geo-referenced Files" don't work.
EricZimmerman maintains a list of known APP IDs and their names used to name automatic and custom destinations files in https://github.com/EricZimmerman/JumpList/blob/master/JumpList/Resources/AppIDs.txt. This list could be used to add a metadata...
I detected that LNK files are extracted from automaticDestinations and customDestinations. As far as I could understand, they are extracted by "iped.parsers.misc.GenericOLEParser". But they are presented mixed with other LINK...
Add some configs to classify LNK extracted from automatic and custom destinations in respective category bellow Windows Artifacts. Closes #2277
I've noted that the partial hash info of filed carved by LedCarveTask is only stored in fields hashDB:md5_512 and hashDB:md5_64k if its integral hash matches with some hash in configured...
Metadata
Owner
Metadata
IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by p...