Computer Forensics Miscellany

OK so I have given in and revamped the site to make it look a bit less like the Old Curiosity Shop. The aim of the site remains the same and that is to keep it simple and provide a few resources which might assist other computer forensic practitioners to carry out an investigation.

What you will find here -

Messenger Artefacts - How to recover conversations from MSN and Windows Live Messenger.
Triage - Some suggestions on case prioritisation and software triage in an attempt to reduce examination backlogs.
Link Files - Useful information that can be recovered from Windows Shortcut Files.
TimeLord - A comprehensive forensic time utility from Paul Tew.
Other Items - Web Browser Session Restore forensics, What people use as passwords & Lycos Chat Recovery.

My Favourite Blog

There are so many forensic blogs out there that just regurgitate other blogs so it is refreshing to find one that has original content from a hands-on practitioner -

http://forensicsfromthesausagefactory.blogspot.com/

Richard's blog has lots of detailed explanations of the interesting finds he has come across when examining computers, also with some good reports on a wide variety of sat-nav examinations.