Getting Started#

This guide walks you through how to begin digital forensic analysis using the unJaena AI platform, step by step.

1. Create an Account#

1. Visit unjaena.com.
2. Click the Start Free button.
3. Enter your email address and set a password.
4. Click the verification link sent to your email to activate your account.

You receive 100 free credits upon sign-up, which is enough to analyze one small case.

2. Download the Collector#

Download#

1. After logging in, navigate to the Download page.
2. Download the installer for your current operating system:
   • Windows: .exe installer
   • macOS: .dmg disk image
   • Linux: .tar.gz archive

Setup#

Windows:

1. Right-click the downloaded .exe file and select Run as administrator to launch.

macOS:

1. Double-click the .dmg file to mount it.
2. Drag unJaena Collector to the Applications folder.
3. On first launch, allow the app in System Preferences > Security.

Linux:

1. Extract the archive in your terminal.
2. Run chmod +x install.sh to grant execution permissions.
3. Run sudo ./install.sh to install dependencies.

3. Create Your First Case#

1. Log in to the web platform.
2. Click the New Case button on the dashboard.
3. Enter the case details:
   • Case Name: A name to identify the investigation (e.g., "2026-03 Internal Investigation")
   • Description (optional): Background and purpose of the investigation
   • Analysis Language: Choose from Korean, English, Japanese, or Chinese
4. Click Create.

4. Run Evidence Collection#

Live Collection (Using the Collector Tool)#

1. Launch the downloaded unJaena Collector.
2. Connect it to the case you created on the platform.
3. Select the artifact collection scope:
   • Quick Collection: Core artifacts only (approximately 5-10 minutes)
   • Full Collection: All artifacts (approximately 15-30 minutes)
4. Click Start Collection.
5. Once collection is complete, data is automatically uploaded to the platform.

Disk Image Upload#

You can also upload disk images directly.

Supported formats: E01, VDI, VMDK, VHD, VHDX, QCOW2, DMG, RAW

1. Click the Upload Evidence button on the case page.
2. Select your disk image file.
3. Once the upload completes, parsing and indexing begin automatically.

Mobile Devices#

• iOS: Upload iTunes backup files (140 artifact types supported).
• Android: Upload ADB backup or extraction files (51 artifact types supported).

5. Review AI Analysis Results#

Once data upload and indexing are complete, you can begin AI analysis.

Making Queries#

Enter natural language questions on the analysis page. Here are some good starter questions:

• "Were there any suspicious activities in the past week?"
• "Show me USB device connection records"
• "Find any traces that suggest malware infection"
• "Perform a kill-chain analysis of this system"

Understanding Analysis Results#

AI analysis results include the following information:

• Findings Summary: Key findings organized by priority
• Evidence Citations: Specific artifact evidence for each claim
• Timeline: Chronological reconstruction of events
• MITRE ATT&CK Mapping: Kill-chain phase classification of detected threats
• Confidence Indicators: Confirmed / Highly likely / Requires further investigation

Follow-Up Analysis#

Based on initial analysis results, you can investigate further through follow-up questions. The AI maintains previous conversation context, allowing you to conduct analysis conversationally.

Next Steps#

• Collector Guide: Detailed collection methods for each platform
• Malware Lab Guide: Malware analysis using YARA/CAPA/Ghidra