Tweet
Currently working a case involving illicit images.
Deleted file search revealed a couple hundred picture files of potential interest.
To determine if it is something worthy of including in the case report I must open each file in the viewer and then go back to the file, right click and then select the appropriate action (for me, typically "Add To Case"). I then need to close the viewer so I do not end up with multiple viewers open as I scroll through the file list.
Possible solutions.
1. Allow for viewing of pictures as thumbnails
2. Integrate the right click menu into the file viewer (then I could scroll through the pictures using the file viewer).
- It would be nice to bookmark files in the Deleted Files Search results.
- It would be nice to compare the HASH of a file in the Deleted Files Search against a HASH set.
Added:
- Some indication that a file from the Deleted Files Search has been included in the case.
Deleted file search revealed a couple hundred picture files of potential interest.
To determine if it is something worthy of including in the case report I must open each file in the viewer and then go back to the file, right click and then select the appropriate action (for me, typically "Add To Case"). I then need to close the viewer so I do not end up with multiple viewers open as I scroll through the file list.
Possible solutions.
1. Allow for viewing of pictures as thumbnails
2. Integrate the right click menu into the file viewer (then I could scroll through the pictures using the file viewer).
- It would be nice to bookmark files in the Deleted Files Search results.
- It would be nice to compare the HASH of a file in the Deleted Files Search against a HASH set.
Added:
- Some indication that a file from the Deleted Files Search has been included in the case.
Comment