• 0Shopping Cart
Digital Detective
  • Home
  • Corporate
    • About Us
      • Executive Team
      • Our Clients
      • Testimonials
    • News and Events
      • Latest News
      • Press Release
    • Legal
      • Privacy Policy
      • Cookie Policy
      • Returns Policy
  • Products
    • Forensic Software
      • NetAnalysis®
      • HstEx®
      • Blade®
    • Downloads
      • Evaluation Request
      • Free Digital Forensic Tools
    • Product Documentation
      • NetAnalysis® Documentation
      • HstEx® Documentation
      • Blade® Documentation
  • Careers
  • Support
    • Knowledge Base
    • Support Portal
    • Digital Forensics Forum
  • Store
    • Forensic Software
    • View Shopping Cart
  • Blog
  • Contact Us
  • Search
  • Menu Menu

Forensic Analysis of the Zone.Identifier Stream

Digital Forensics, Forensic Analysis, Forensic Investigations
Security Link with Hand Cursor

Zone Identifier, ADS and URL Zones If you are new to the field of digital forensics, you may not be aware of Zone Identifiers, Alternate Data Streams (ADS) or URL Zones. If that is the case, then you have come to the right place. We shall explain all and show you exactly how they can […]

Read more →
8th October 2021/by Craig Wilson

Deciphering Seagate Date Codes [Free Tool]

Data Recovery, Digital Forensics, Forensic Analysis, Forensic Investigations
Seagate Hard Disk

Why is this Important? During a forensic examination, establishing a timeline of events is usually an important aspect in the analytical process. This may involve you having to identify when a hard disk was manufactured. If you are a data recovery engineer, this information can also be useful when trying to identify donor drives and […]

Read more →
13th July 2020/by Craig Wilson

Potentially Serious Issue with the Analysis of Mounted File Systems

Digital Forensics, Forensic Analysis, Forensic Investigations
Yellow warning side with black text showing danger

Introduction When using third party image mounting tools to perform the forensic examination of NTFS file systems, it is extremely important to understand NTFS Junction Points so that you don’t find yourself making a critical mistake during your analysis. An issue has been identified with third party image mounting software where NTFS junction points are […]

Read more →
30th April 2014/by Craig Wilson

Good Practice and Advice Guide for Managers of e-Crime Investigation

Digital Forensics, Forensic Investigations, Forensic Standards
Front page of the ACPO Manager Guide: Good Practice and Advice for Managers of e-Crime Investigation

Good Practice for e-Crime Investigations Criminal behaviour has shifted to take advantage of electronic mediums and serious and organised criminal networks have become increasingly sophisticated. Corporations, Government departments and businesses now need to invest considerable sums in order to protect their assets and data. Lloyds of London have stated that they are defending up to […]

Read more →
24th April 2014/by Craig Wilson

ACPO Good Practice Guide for Digital Evidence

Digital Forensics, Forensic Investigations, Forensic Standards
Front page of the ACPO Good Practice Guide for Digital Evidence

Digital Evidence Good Practice The ACPO good practice guide for dealing with computer based evidence was first released in the late 1990s. Since then, there have been five iterations; some of the changes include an update in document title. The guide is essential reading for anyone involved in the field of digital forensics. The latest […]

Read more →
24th April 2014/by Craig Wilson

Notes from Dongle Hell

Digital Forensics, Forensic Investigations
Dell XPS Laptop with Digital Detective USB Licence Dongle

Introduction One of the growth areas in digital forensics is the use of USB dongles for the licensing of software. Every single practitioner now finds themselves in dongle hell trying to manage a veritable menagerie of tiny USB devices just to enable them to carry out their day-to-day work. Of course, where dongles for core […]

Read more →
31st January 2012/by Paul Andrews

Random Cookie Filenames

Digital Forensics, Forensic Analysis, Forensic Investigations, Web Browser Forensics
Cookies next to a laptop keyboard

Internet Explorer Data As forensic examiners will be aware, Microsoft Internet Explorer stores cached data within randomly assigned folders. This behaviour was designed to prevent Internet data being stored in predictable locations on the local system in order to foil a number of attack types. Prior to the release of Internet Explorer v9.0.2, cookies were […]

Read more →
14th September 2011/by Craig Wilson

NetAnalysis® v1.52 – USB Dongle, Google Chrome Support and Export/Rebuild Entire Cache Option

Digital Forensics, Digital Foresnsic Software, Forensic Analysis, Forensic Investigations, HstEx®, NetAnalysis®, Web Browser Forensics
Computer keyboard with red enter key being pressed

Introduction to NetAnalysis® v1.52 Digital Detective is pleased to announce the release of NetAnalysis® v1.52 (and HstEx v3.6).  The release of this version has been eagerly awaited, so we are glad to say the wait is finally over. NetAnalysis® v1.52 adds a number of new features and fixes some minor bugs.  Some of the major new features released […]

Read more →
25th November 2010/by Craig Wilson

Understanding Microsoft Internet Explorer Cache

Digital Forensics, Digital Foresnsic Software, Forensic Analysis, Forensic Investigations, NetAnalysis®, Web Browser Forensics
Internet Explorer logo over a computer keyboard

Introduction The Internet Explorer disk cache is a storage folder for temporary Internet files that are written to the hard disk when a user views page from the Internet.Internet Explorer uses a persistent cache and therefore has to download all of the content of a page (such as graphics, sound files or video) before it […]

Read more →
16th June 2010/by Craig Wilson

Manual Identification of Suspect Computer Time Zone

Digital Forensics, Digital Foresnsic Software, Forensic Analysis, Forensic Investigations, Learning Digital Forensics, NetAnalysis®, Tutorial
View of earth showing text 'Manual Timezone Identification'

Introduction to Time Zone Identification In a digital forensic examination, establishing which Time Zone the system had been set to should one of the first examination tasks.  If this information is not established at an early stage and taken into account, the validity of Date/Time evidence may be brought into question.  Not only is this […]

Read more →
4th June 2010/by Craig Wilson
Page 1 of 212

Categories

Recent Posts

  • DataDump™ – Data Extractor
  • NetAnalysis® v3.3 and HstEx® v5.3 Released
  • NetAnalysis® v3.2 and HstEx® v5.2 Released
  • Forensic Analysis of the Zone.Identifier Stream
  • NetAnalysis® v3.1 Released

Tags

ACPO AOL Big Endian Browser Evidence Byte Order Cache Case Study Change Log Cookies Data Extraction Data Recovery Data Recovery Profiles Date & Time Digital Evidence Discount Dongles Email Recovery Endianness File System Find Panel Free Good Practice Guidelines Hard Disk Head Swap Image Mounting Intelli-Carve Internet Explorer Junction Points Legal Licensing Little Endian Microsoft Windows Mozilla Firefox News NTFS Offer PFC Release Notes Seagate Search Syntax Timestamps Tools Tutorial

About Us

Digital Detective enhances digital forensic science though cutting edge research and development. We offer a range of products and services for digital forensic analysis and advanced data recovery.

Recent Tweets

Exciting news! Our popular #DataDump tool just got even better with the release of v2.1. Download now for free and experience the difference! #freetool #dataextraction digital-detective.ne…

About 3 weeks ago from Digital Detective's Twitter via Twitter Web App

Nothing seems to have changed in the last 13 years. lbc.co.uk/news/polic…

About 2 months ago from Digital Detective's Twitter via Twitter Web App

This has been a lot of work; hope you like it. NetAnalysis® v3.3 and HstEx® v5.3 have been released. Lots of new functionality! digital-detective.ne…

About 3 months ago from Digital Detective's Twitter via Twitter Web App

Her Majesty The Queen Elizabeth II 1926 - 2022 pic.twitter.com/sWSC…

About 5 months ago from Digital Detective's Twitter via Twitter for iPad

Recovery and analysis of MFT resident Zone.Identifier alternate data streams and how they are helpful in a forensic investigation. #DFIR #DigitalForensics #BrowserForensics #FileSystemAnalysis digital-detective.ne…

About a year ago from Digital Detective's Twitter via Twitter Web App

Follow @DigitalDetectiv

Select Language

Translate our site by selecting your language from the option below.

en English
ar Arabiczh-CN Chinese (Simplified)nl Dutchen Englishfr Frenchde Germanit Italianpt Portugueseru Russianes Spanish

Contact Us

Digital Detective Group
Motis Business Centre
Cheriton High Street
Folkestone
KENT, CT19 4QJ
United Kingdom

///courts.endearing.bulbs
+44 (0) 20 3384 3587

Copyright © 2001 - 2023 Digital Detective Group Limited
  • Facebook
  • Twitter
  • Youtube
  • Mail
  • Home
  • Sitemap
  • Corporate
  • Products
  • Store
  • Blog
  • Contact
Scroll to top

This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.

OKLearn more

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refuseing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Google Analytics Cookies

These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.

If you do not want that we track your visit to our site you can disable tracking in your browser here:

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Other cookies

The following cookies are also needed - You can choose if you want to allow them:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Privacy Policy
Accept settingsHide notification only