Introduction A frequent question when dealing with browser forensics is ‘Does the Hit Count value mean that the user visited site ‘x’, on ‘y’ occasions?’ Most browsers record a ‘Hit Count’ value in one or more of the files they use to track browser activity, and it is important that an analyst understands any potential […]
Internet Explorer Data As forensic examiners will be aware, Microsoft Internet Explorer stores cached data within randomly assigned folders. This behaviour was designed to prevent Internet data being stored in predictable locations on the local system in order to foil a number of attack types. Prior to the release of Internet Explorer v9.0.2, cookies were […]
Introduction to Userdata Internet Explorer 8+ user data persistence is a function which allows online forms to save a small file to the system with information about values entered in a particular form. This allows the user to retrieve a half filled web based form when they revisit. Persistence creates new opportunities for website authors. Information […]
Introduction The Internet Explorer disk cache is a storage folder for temporary Internet files that are written to the hard disk when a user views page from the Internet.Internet Explorer uses a persistent cache and therefore has to download all of the content of a page (such as graphics, sound files or video) before it […]
Introduction Microsoft Internet Explorer maintains a number of INDEX.DAT files to record visits to web sites as well as to maintain cache and cookie data. In this article, we will look at the Daily and Weekly files. Daily INDEX.DAT Entries The Daily INDEX.DAT file maintains a Daily record of visited pages. This INDEX.DAT file has an unusual HOST record […]
Internet Explorer introduced a number of new security and privacy features in version 8. One of these new features was InPrivate Filtering. InPrivate Filtering helps prevent the web sites a user visits from automatically sending details about the visit to other content providers. When a user visits a web site, it automatically shares standard computer […]
Introduction Redirects provide a way to transport the browser from one point on a web site to another. Redirects are most commonly used to translate references to outdated web pages to new, updated ones. They can be instigated either by the browser, in which case they are referred to as client-side redirect, or by the […]
Our offices will be closed until Thursday 2nd January 2020. We wish all of you a very happy Christmas and a great New Year.
Byte order sequences are extremely important for digital forensic analysis. This article from our core skills series and will point you in the right direction. #DFIR #DigitalForensics #CoreSkills digital-detective.ne…
Understanding how different number systems work is a core skill in Digital Forensics. If you are a digital forensics student, this introductory lesson will teach you the basics. #DFIR #DigitalForensics #CoreSkills digital-detective.ne…
Translate our site by selecting your language from the option below.
Digital Detective Group
Motis Business Centre
Cheriton High Street
KENT, CT19 4QJ
+44 (0) 20 3384 3587