Hello guest, if you read this it means you are not registered. Click here to register in a few simple steps, you will enjoy all features of our Forum.
Rules have been updated! Here

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

[-]
Tags
s image exif metadata and

Image's metadata and exif
#1
When analyzing a image, you have to check the exif and the metadata, here you can find some useful information. The exif, that stand for Exchangeable image file format, contains some information about the camera or the program that edited the image. Here you can find also where the image was taken or which device took it, but sometimes can happen that these information have been removed by softwares or sites.
But before analyzing the original image make a backup and work on a copy not on the original one!!! Since you are searching these info with the goal to bring them to the court, you have to keep in mind that you have to use trusted softwares or your extracted information will be considered not trustworthy.

A known and used forensic tool is Autopsy, this is a multipurpose software that support different devices and analysis methods. This software also supports the creation of a report, the one that you will have to bring to the court as evidence. Every info can be used to prove that the suspect is guilty of a crime.

The images formats that support by default the exif are TIFF and JPEG. Between these information there are some important information like GPS location, camera model(or phone model depending on the device used to shoot it). Some social networks remove them to protect the users privacy. Keep in mind that there are some anti-forensics method that can alter or remove the exif data of an image, the only way to know if the exif have been altered is by using your common sense. For example if you know the suspect is a tech expert you should be cautious to consider the exif metadata as truthful. The goal of the suspect is to make you waste time with false information obtained from the exif(GPS, device name etc.).


Here you can find all the features of autopsy:
Code:
https://sleuthkit.org/autopsy/features.php
Download:
Code:
https://www.autopsy.com/download/
Portables and Repacks Workbench
DON'T SHARE MY LINKS OUTSIDE AiOWARES
PM ME FOR A RE-UPLOAD
[-] The following 5 users say Thank You to Bl4ckCyb3rEnigm4 for this post:
  • cenahum, Fractal Giant, GlacialMan, mare1, mr.bantu
Reply
#2
I'm not a forensics person but I am interested in how an image is created and how watermarks work. While futzing with GIMP one day I came across fourier analysis and found that the images on the giant aggregator sites like getty and/or alamy put (what I believe) are spectral watermarks in their images.

These spectral watermarks are not visible and are pretty durable to manipulation.

Fascinating stuff!
[-] The following 1 user says Thank You to Fractal Giant for this post:
  • Bl4ckCyb3rEnigm4
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)