![[-]](https://www.aiowares.com/images/collapse.png "[-]")
07-13-2020, 11:05 AM
When analyzing a image, you have to check the exif and the metadata, here you can find some useful information. The exif, that stand for Exchangeable image file format, contains some information about the camera or the program that edited the image. Here you can find also where the image was taken or which device took it, but sometimes can happen that these information have been removed by softwares or sites.
But before analyzing the original image make a backup and work on a copy not on the original one!!! Since you are searching these info with the goal to bring them to the court, you have to keep in mind that you have to use trusted softwares or your extracted information will be considered not trustworthy.
A known and used forensic tool is Autopsy, this is a multipurpose software that support different devices and analysis methods. This software also supports the creation of a report, the one that you will have to bring to the court as evidence. Every info can be used to prove that the suspect is guilty of a crime.
The images formats that support by default the exif are TIFF and JPEG. Between these information there are some important information like GPS location, camera model(or phone model depending on the device used to shoot it). Some social networks remove them to protect the users privacy. Keep in mind that there are some anti-forensics method that can alter or remove the exif data of an image, the only way to know if the exif have been altered is by using your common sense. For example if you know the suspect is a tech expert you should be cautious to consider the exif metadata as truthful. The goal of the suspect is to make you waste time with false information obtained from the exif(GPS, device name etc.).
Here you can find all the features of autopsy:
Download:
But before analyzing the original image make a backup and work on a copy not on the original one!!! Since you are searching these info with the goal to bring them to the court, you have to keep in mind that you have to use trusted softwares or your extracted information will be considered not trustworthy.
A known and used forensic tool is Autopsy, this is a multipurpose software that support different devices and analysis methods. This software also supports the creation of a report, the one that you will have to bring to the court as evidence. Every info can be used to prove that the suspect is guilty of a crime.
The images formats that support by default the exif are TIFF and JPEG. Between these information there are some important information like GPS location, camera model(or phone model depending on the device used to shoot it). Some social networks remove them to protect the users privacy. Keep in mind that there are some anti-forensics method that can alter or remove the exif data of an image, the only way to know if the exif have been altered is by using your common sense. For example if you know the suspect is a tech expert you should be cautious to consider the exif metadata as truthful. The goal of the suspect is to make you waste time with false information obtained from the exif(GPS, device name etc.).
Here you can find all the features of autopsy:
Code:
https://sleuthkit.org/autopsy/features.phpCode:
https://www.autopsy.com/download/