Parse SQLite Databases for records that no longer exists in the database.
This section will go over the different ways that you can install the SQLite DB Del Records Plugin.
This method is the only method that can be used on Linux or Mac.
- To install the Parse SQLite DB Del Records plugin first you must download a ZIP file containing all of the plugins. This ZIP file contains a number of Autopsy plugins.
- Unzip the ZIP file.
- Move the folder named Parse_SQLite_Del_Records to the plugin directory.
- To figure out the plugin directory you can go to Tools > Python Plugins inside of the Autopsy Menu System and it should open the folder where the plugin should go.
- Restart Autopsy if it is running.
- Download the installer.
- Run the installer following the prompts.
- To run the plugin you can right click a folder inside of your datasource and run the Run Ingestion Modules options.
- A popup will appear. Select Parse SQLite Del Rec in the list of plugins. Type the name of the DB file you are attempting to parse as well as press the checkbox.
- Hit finish.
- Your results should appear inside of Extracted Content on the main Autopsy screen.
If you are having problems running the software please create an issue on GitHub.