archives

browser forensics

This tag is associated with 2 posts

Browser Anti Forensics

This write-up is just to demonstrate that how one’s browser history can go off track misleading the examiner. An investigator can identify it by noticing the odd in history, sample given in Figure 2. Let’s first take a closer look at this page below (Figure 1)– the URL (says cnn.com) and the title of tab … Continue reading

Firefox Cache Format and Extraction

Introduction In the forensic lab where I work, we frequently investigate malware-infected workstations.  As our user population started shifting from Internet Explorer to Firefox, we observed that one of our favorite forensic tools, Kristinn Gudjonsson’s log2timeline, wasn’t able to provide as much data for Firefox as it was for IE.  The missing component was cache … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,209 other followers