Hash_Logos-for-Software_Smaller-03-298x3002017 Module Development Contest

Basis Technology is again sponsoring an Autopsy Module Development Contest. The goal is to encourage developers to write Autopsy modules instead of stand-alone tools. Now that Autopsy supports Python modules, this is easier than ever.

Writing new functionality as Autopsy modules make users happy because they don’t have to jump between tools and it makes developers happy because they get to ignore details about the file system, image formats, and interfaces.

You can write ingest modules that focus on processing all of the drive data, content viewer modules that focus on displaying a single file, report modules that focus on exporting data from the case,  or an external module that provides its own UI (similar to the timeline viewer in Autopsy).  Attendees of OSDFCon will vote on the winners, who will receive cash prizes.

Prizes

  • First Prize: $1500
  • Second Prize: $500
  • Third Prize: $250

Basis Technology will double the prize amounts if there over 12 submissions.

Getting Started

If you need an idea, then you can refer to the github issue tracker:

https://github.com/sleuthkit/autopsy/issues?labels=Feature+Request&page=1&state=open

Once you have your idea, you can then start looking at some of our docs. We’d recommend starting with our tutorial series from last year on writing Python modules.

  • The File Ingest Module tutorial outlined how to look for files that had certain characteristics (in the tutorial, we look for big and round files).
  • The Data Source Ingest Module tutorial outlined how to query the database for a given file name and open it in SQLite.
  • The Report Module tutorial outlined how to make a CSV report module.

The general approach to making a Python module is to find the one that is most similar to what you want to build and copy it. All of our sample modules are in the public domain.

You can also refer to the more in-depth Autopsy Developer’s Guide for instructions on writing Java or Python modules:

Guidelines

  1. The Autopsy modules must provide value in a forensics or incident response use case.
  2. The module must be released as open source software by the submission deadline under one of the licenses approved by the Open Source Initiative.
  3. By submitting an entry, you declare that you have the right to license and submit the module.
  4. The contest organizers will test the module before the conference to verify that it basically operates as stated.
  5. You must either give a 5-minute presentation and demo at OSDFCon or submit a 5-minute video. If you cannot attend the conference, the video must be submitted by October 9, 2017.
  6. In order to collect the cash prizes, winners need to provide a legal picture identification and bank account information within 30 days of notification. Bank payment transfer will be made within two weeks after winners are authenticated.
  7. Group entries are allowed; prizes will be paid to the person designated by the group.
  8. Employees of Basis Technology are not eligible.

How To Submit

Submissions should be sent to module-submissions2017@osdfcon.org no later than October 2, 2017. The submission should include the module (.NBM file for Java modules, .ZIP file for Python modules), test data to demo the module, and answers to the following questions:

  • Name of module
  • Names of authors
  • Minimum version of Autopsy required
  • Description of what module does
  • Will the authors attend OSDFCon?
  • URL of where source code can be found
  • License of source code

Note that if you cannot provide test data that is properly sanitized, we will still accept the submission, but we will have to give a disclaimer that it could not be tested.

Contact:

Any Autopsy or development related questions should be sent to: sleuthkit-developers@lists.sourceforge.net or http://forum.sleuthkit.org.

Disclaimer:

Prizes are considered taxable income. Basis Technology must report prizes over $600 to the IRS. If you win the first place prize, you will need to provide Basis Technology with your Tax ID.  If you do not feel comfortable doing this, we can donate it to a charity of your choice.