A compiled Windows executable for plaso compatible with Autopsy 4.15.0

sleuthkit / autopsy

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

http://www.sleuthkit.org/autopsy/

2.39k stars 595 forks source link

A compiled Windows executable for plaso compatible with Autopsy 4.15.0 #6047

Open Baricanac opened 4 years ago

Baricanac commented 4 years ago

Has anyone compiled a (the latest plaso build perhaps?) Windows executable for plaso that is compatible with Autopsy 4.15.0?

markmckinnon commented 4 years ago

The version of Plaso that comes as part of Autopsy is 20180808. You can try and compile or use a newer version but there is no guarantee it will work like the version that comes with Autopsy as it has not been throughly tested.