- Data Source Grouping:
— The case tree view can now be grouped by data source.
— Keyword and file search can now be restricted to a data source.
- Central Repository / Correlation:
— New common files search feature that finds files that exist in multiple devices in the same case.
— The Other Occurrences content viewer now shows matches in the current case (in addition to central repository).
— Central repository options panel now shows cases that are in repo.
- A comment about a file can be created and saved in the central repository so that future cases and see it.
- Keyword Search:
— Can enable OCR text extraction of PDF and JPG files using Tesseract.
— Keyword search module normalizes Unicode text.
— Keyword search module uses ICU to convert text files that do not have a BOM.
— Tagging menu changed to have user defined tags at top and “quick tag” removed one level of menus.
— New “Replace Tag” feature to change the tag on an item.
— SQLite tables can be now be exported to CSV files.
— An interesting file artifact is now created when a “zip bomb” is detected.
— An object detection ingest module was added to the Experimental module. It requires an OpenCV trained model.
- Expanding the case tree is more efficient.
- Improved “zip bomb” detection.
- Assorted small bug fixes are included.
Directly related posts: