Hi everyone, welcome back to Aze IT Studio post. Today i am going to tell you about image forensic using JPEGsnoop for windows and also Exiftool for linux.

Before we go to the tutorial, firstly i want to explain what image forensic is. Image forensic is one of the forensic technique which ultilize image as source to obtain its metadata which will be used to determine the origin of the image.

In this post, i will share how to do simple image forensic using JPEGsnoop (Windows) & Exiftool (Linux)

Forensic image using JPEGsnoop on Windows :

At first, you need to prepare two image that will be analyzed. One original image and another one is edited image (you can use photoshop or whatever editing tools)

digital forensic

Fig 1. Original image
digital forensic

Fig 2. Edited image

Then, open your JPEGsnoop then insert this image one by one to the apps then press enter. The apps will automatically analyzed image metadata.

digital forensic

Fig 3. JPEGsnoop

On original file you will obtain information as on the figure below

Digital Forensic

Fig 4. Metadata analysis on the original image

While on edited image you will find information as on the figure below

digital forensic

Fig 5. Metadata analysis on the edited image

Next is simply image forensic using exiftool on linux.

Still using the same image after install the apps you just need to run it using this command as shown in figure below.

digital forensic

Fig 6. How to run exiftool and the result of original image

While for edited image the result will be as shown on the figure below

digital forensic

Fig 7. Result of edited image

Summary :

From both tools we haved used, it is proven that both is powerfull tools to analyze metadata of image and give the information clearly about the origin of the image.

That's all for today everyone. Don't forget to stay tune in Aze IT Blog, share to your social media, and keep learning. 

Thank you everyone.... 

Post a Comment