Autopsy module to split individual email messages from large files (e.g. PST files) within the scope of final project from the Computer Science Degree fromn ESTG "Escola Superior de Tecnologia e Gestão do Instituto Politécnico de Leiria", Portugal.
The focous of this program is create an alternative to the module Email Parser, used by Autopsy, in an attemp to provide functionalities that this one lacks, im particulary, extracting individual email messages.
Is also provided the alternative to use it as a report module or as a standalone application.
There are two options providend when running this program:
-
As an Autopsy module (Windows):
- Download EmailSlicerReportModule.zip
- Extract its content to Tools - Python Plugins
- Install dependencies, by oppening the terminal inside de extrated folder and running the command:
- py -m pip install -r required_packages.txt --user
-
As an Autopsy module (Linux):
- Download EmailSlicerReportModule.zip
- Extract its content to Tools - Python Plugins
- Install dependencies, by oppening the terminal inside de extrated folder and running the command:
- python3 -m pip install -r required_packages.txt --user
- sudo apt install pst-utils, graphviz
-
As a standalone application:
- Download EmailSlicerStandalone.zip
- Extract its content to desired location
- Install dependencies, by oppening the terminal inside de extrated folder and running the command:
- Windows:
- py -m pip install -r required_packages.txt --user
- Linux:
- python3 -m pip install -r required_packages.txt --user
- sudo apt install pst-utils, graphviz
- Windows:
-
As an Autopsy module:
- Add the desired files to be analised to the opened case
- Select "Generate Report"
- Select "Email Slicer report"
- Wait for the module to finish (the extracted content will be stored in the "TEMP" folder of the current case)
-
As a standalone application:
- Open a temrinal window
- Navigate to the extrated location o the program
- Run the gram (run py EmailSlicer.py -h for options)
- Wait for the program to finish
- André Agostinho Nogueira
- Projet developed under the guidance and coordination of Professors Dr. Miguel Monteiro de Sousa Frade and Patrício Rodrigues Domingue
- Project still in development.
- The "Contest" version was only tested on Windows machines and it's the version that will be submitted to Autopsy module contest.
- The "Project" version was part of a school project and it was modified to be submitted to the Autopsy module contest.
- In case of any bug feel free to contact me at andre.nogueira@email.com