Autopsy 4.7.0

New Features:

• A graph visualization was added to the Communications tool to make it easier to find messages and relationships.
• A new "Application" content viewer (lower right) that will contain file-type specific viewers (to reduce number of tabs).
• New viewer for SQLite databases (in Application content viewer)
• New viewer for binary PLists (in Appilcation content viewer)
• L01 files can be imported as data sources.
• Ingest filters can now use date range conditions for triage.
• Passwords to open password protected archive files can be entered (by right clicking on the file).
• Reports (e.g., RegRipper output) generated by ingest modules are now indexed for keyword search.
• PhotoRec carving module can be configured to keep corrupted files.
• Sector size can be specified for local drives and images when E01 is wrong or it is a raw image.
• New data source processor in Experimental module that runs Volatility, adds the outputs as files, and parses the reports to provide INTERESTING_FILE artifacts.
• Assorted small enhancements are included.

Bug Fixes:

• Memory leaks and other issues revealed by fuzzing the The Sleuth Kit have
  been fixed.
• Result views (upper right) and content views (lower right) stay in synch when switching result views.
• Concurrency bugs in the ingest tasks scheduler have been fixed.
• Assorted small bug fixes are included.