Table of Contents
- Page 1 – Introduction, Screenshots, Updating EZ Tools in KAPE
- Page 2 – How to Use KAPE, Usage Scenarios
- Page 3 – Examining KAPE Output
- Page 4 – Miscellaneous
- Page 5 – Conclusion, KAPE-Related Blog Posts/Videos, Change Log
Conclusion
There’s always something new to learn. Hopefully you learned something new and actionable that you can use on your next case, regardless of the nature of it. If there’s anything you feel is missing from this page, let me know!
In the meantime, see below for some other resources that cover KAPE in detail, as well.
KAPE-Related Blog Posts/Videos
13Cubed – Introduction to KAPE
3MinMax Series Topic Review – Using KAPE in Forensics
Child Exploitation Investigation – Express Analysis with KAPE
Conducting Efficient Insider Threat Investigations using KAPE
Episode 80: Learning about the KAPE tool.
Episode 81: Understanding and Using KAPE Target Files
Episode 82: Understanding and Using KAPE Module Files
Episode 83: Explaining the KAPE GUI Version -Target Side
Episode 84: Explaining the KAPE GUI Version – Module Side
Episode 85: Running KAPE through the GUI Version
Episode 86: Reviewing the Output Created by KAPE
Exploring KAPE’s Graphical User Interface in v0.8.2.0
Express Artifact Analysis and Timeline Development with KAPE
KAPE + EZ Tools and Beyond – OSDFCon 2019 – Eric Zimmerman
Triage Collection and Timeline Generation with KAPE
Webcast: Express Artifact Analysis and Timeline Development with KAPE
Change Log
- 7/17/2020 – Initial version published.
- 7/21/2020 – More links added
- 8/9/2020 – More links added, minor fixes
- 8/12/2020 – Added ProTip in Targets section
- 8/19/2020 – Added link to Timeline Explorer Guide where appropriate
- 8/21/2020 – Fixed a few issues with punctuation consistency
- 8/25/2020 – Added more YouTube links to Page 3 for Registry Artifacts, fixed broken Table of Contents links
- 10/13/2020 – Added another YouTube link for the Child Exploitation Investigation Kroll Webinar
- 10/18/2020 – Added multiple YouTube links, sorted the links alphabetically
- 10/24/2020 – Added new GIFs covering features added in 0.9.5.0 and recent KapeFiles target reorganization
- 10/30/2020 – Fixed links that were broken as a result of the recent KapeFiles target reorganization
- 12/13/2020 – Added link to GitHub repository that hosts KAPE !EZParser output. Added information regarding on how to keep EZ Tools, maps, and Targets and Modules updated in KAPE and the EZ Tools that KAPE points to
- 1/12/2021 – Added links to the newly created KAPE Target Guide and KAPE Target Templates on the KapeFiles GitHub repo
- 4/17/2021 – Added new links
- 8/27/2022 – Updated dead links. Grammarly suggestions implemented