Computer Forensics Analysis using Autopy
What is Computer Forensics?
Computer forensics involves investigating digital devices to uncover evidence of cybercrimes. I demonstrated my skills by analyzing data from compromised systems, identifying malicious activities, and recovering deleted files. Through hands-on projects, I showcased my ability to use forensic tools and methodologies to support cybercrime investigations and ensure data integrity.
What Software was Used?
The software that was used in the computer forensic case was Autopsy. Autopsy is an open-source digital forensics tool used by law enforcement, corporate investigators, and security professionals for analyzing data from digital devices. It offers a user-friendly interface and features like file system analysis, keyword search, file carving, timeline analysis, hash filtering, and a modular framework for extensibility. Autopsy is used in incident response, data recovery, criminal investigations, employee misconduct cases, and litigation support. It allows for collaborative investigations and detailed reporting, making it a powerful tool for analyzing and managing digital evidence.
Case Study
Alex, a wealthy businessman with political motives, plans to deface art in the National Art Gallery in Washington DC and recruits Carry to organize the act using "tourists." Carry enlists Tracy, a supervisor at the gallery and an acquaintance, under the guise of organizing a flash mob, offering money to Tracy, who has financial troubles. Tracy communicates with Carry about the plan and also conspires with her brother Pat, using aliases, to steal stamps from the gallery. Tracy's ex-husband, Joe, discovers these plots via a keylogger he installed on her computer and reports her to the police, leading to the discovery of both the theft and defacement plans and the seizure of Tracy's computer and external hard drive.
Security Personnel on Tracy's Computer
The security personnel duty schedule found on Tracy's computer links her to the National Art Gallery case as it is highly suspicious for her to possess this information, given her role as a supervisor, which does not typically grant access to security schedules. This unauthorized access suggests potential involvement in planning illicit activities, corroborating the conspiracy to commit theft and the defacement plot uncovered through her communications with Carry and her brother Pat. The presence of this file further implicates her in facilitating the breach of security necessary for these criminal activities.
Stamp Insurance Value found on Tracy's Computer?
The stamp insurance document found on Tracy's computer links her to the National Art Gallery case, as it highlights her awareness of the stamps' value, which she discussed with her brother Pat in their emails. Possession of this information is highly suspicious and suggests her involvement in planning the theft of these valuable items. The use of Timeline Analysis, Thumbnail Viewer, and Media Playback tools further reveals the extent and context of her communications and activities, solidifying her connection to the conspiracy.
Email sent for Keylogger
The email sent to test the keylogger's functionality is not directly linked to the National Art Gallery case but demonstrates that Joe, Tracy's ex-husband, had installed a keylogger on her computer. The Email Analysis Tool uncovered this email, confirming Joe's monitoring activities, which ultimately led to the discovery of Tracy's involvement in the theft and defacement plots. This background explains how Joe became aware of the illegal activities and reported them to the police, leading to the seizure of Tracy's computer and further investigation.
Contact Me
ridwanjeylani@hotmail.com
07847515425
© 2024. All rights reserved.