windows digital forensic 14

by

Practical Assessment Assignment

Instructions

  • For your assignment – please review pages 183 to 231 which covers out an EXTENSIVE set of tools related
  • Next, I have prepared a chart for you. See below. Please download these tools and experiment.
  • Perform an analysis and send me screenshots or log files showing that you have tested all these tools
  • Then prepare a 3 – 6 pages paper outlining what you learned and if there are any tools that you would consider recommending to your colleagues. Be sure to experiment e.g. what happens if you are in Private Browsing mode? What happens if you run the tool then check a website then you run the tool again? Please compare and contrast!

Software

Link

Free?

WinPrefetchView

https://www.nirsoft.net/utils/win_prefetch_view.ht…

Yes

Thumbcache Viewer

https://thumbcacheviewer.github.io/

Yes

IEHistory View

http://www.nirsoft.net/utils/iehv.html

Yes

MiTEC Internet History Browser

https://www.mitec.cz/ihb.html

Yes

Browsing History View

http://www.nirsoft.net/utils/browsing_history_view…

Yes

IECache View

http://www.nirsoft.net/utils/ie_cache_viewer.html

Yes

IECookies View

http://www.nirsoft.net/utils/iecookies.html

Yes

FavoritesView

http://www.nirsoft.net/utils/faview.html

Yes

MiTEC SSV

https://www.mitec.cz/ssv.html

Yes

MozzillaHistory View or IECookiesView

http://www.nirsoft.net/web_browser_tools.htm

Yes

MozillaCookies View, (if you do use Mozilla)

http://www.nirsoft.net/web_browser_tools.html

Yes