Thanks, guys. I'm using sqliteexpert as we speak. Jimmy MT DCI From: win4n6@yahoogroups.com [mailto:win4n6@yahoogroups.com] On Behalf Of Lance Mueller Sent:...
SQLite which support write ahead logging (WAL) are not supported by that browser. Look for SQLite Manager which is a FireFox add on. If on a Mac environment...
I find this works very well: http://www.sqliteexpert.com/ ... I find this works very well: http://www.sqliteexpert.com/ On Fri, May 17, 2013 at 4:35 PM, Weg,...
Every now and then I come across a sqlite database (typically places.sqlite) that I can't open with the free Sqlite Database Browser from Sourceforge. It...
Can someone point me to a post or article that discusses the differences between the Recycler and the $Recycle Bin? I am seeing both on an image that I am...
Hi everyone. Just wanted to pass this along to the list. I posted a write-up that goes into detail on what to expect and how to make sense of UserAssist ...
Hi everybody, To paraphrase Barney Stinson, when people on the Internet make me sad, I stop being sad and go be awesome. Today I'm publishing a method to use...
Frank, I would assume that this is part of the public folders that are populated by the exchange server and will or could be seen by every user. maybe this is...
I am looking at the directory structure inside an Outlook *.ost file. In the "Root - Mailbox" directory on the same level of the IPM_SUBTREE there is a sub...
Thanks Ray, What I ended up doing was using virtualdub to export the raw audio, then imported that to Audacity. It gave me the information I needed. It was...
http://computer-forensics.sans.org/blog/2013/05/15/sans-eu-dfir-summit-in-prague-call-for-speakers-now-open/ The 4th annual Forensics and Incident Response...
Frank, Microsoft Premier customers can request that MS conduct a Risk Assessment Program to ensure the servers are backed up, configured to prevent outages,...
For those of you interested in applying memory forensics to your malware analysis and rootkit detection efforts, we've just posted a new blog with some...
We were able to locate some artifacts on our subject's workstation computer. This system was NOT a server. I noticed that these were on our subject's...
Harlan: Thanks for the feedback. ... Yes, the laptop doesn't have a CD/DVD drive and I've matched the ParentIdPrefix shown under the MountedDevices key for the...
Hey Adam, ;) ... Thanks for sharing, I wasn't aware of that plugin. However, dnscache.py doesn't work w/ Volatility 2.3_alpha, does it? Cheers, Stefan. -- ...
... Exactly. In my original post, I used a reference to malware because it was (a) close in my mind, and (b) somewhat easy to relate to for a wide range of...
Sorry for the late reply on this, I a few things going on at the moment. ... I find it interesting that in this case most of the focus has been on 'suspicious'...
Good evening everyone. I'm looking for a utility that can play an AVI video file and display the audio visually in a waveform, much like Audacity does. It...
Phil, ... First question...are you sure that the D:\ volume is an external device? ... Not that I'm aware of, as part of the OS on XP. Win7 has the EMDMgmt...
DFIROnline is starting at 8pm EDT with Meghana Reddy & Lan Hang from PWC taking us through some methods of data visualization for DFIR. This is a really...
... I've been able to determine pretty much all the information that can be retrieved about this flash drive from the System Hive (USBSTOR, USB, DeviceClass, &...
DFRWS, organizers of the longest-running research conference in digital forensics (http://www.dfrws.org), invite you to participate in the 13th annual...
