Welcome to easymetadata! With a focus on helping you understand and analyze information better. This site is geared towards anyone with some technology understanding including IT professionals, Information Security and Computer Forensics analysts. I try to make it accessible to everyone with an interest in looking at the meta-data that lurks in files and on devices!



MetaDiver is an easy to use solution for extracting and reviewing metadata from files, email and system artifacts on Windows systems. PST, MSG, EML, PDF, Office.. the most popular document formats are all supported, including thousands more file types!

MetaDiver is stand alone and leverages multiple libraries and engines including Apache Tika, OfficeXML, Outlook redemption, among others to retrieve metadata and text from documents, emails, images, media and any number of  thousands of file types. Find out who created files, when and where it was created and much, much more. You will often find metadata that you otherwise would not know exists. Available at the download page.

Read more


MDViewer is a simple stand alone viewer with a graphical or command line version that allows you to review the metadata and text of documents, images, media and any number of the thousands of file types that are supported by Apache Tika. You can even use OpenWith from Windows Explorer or your favorite forensics tool to view the document in MDViewer and see what you were about to miss. You will often find metadata that you otherwise would not know exists. You can download here.

Read more


A solution for recovering previous versions of files in Windows! You won’t be able to do this with Windows Explorer, but you can with ShadowKit! If you are using Windows 8 or later this may be your only way to recover the previous versions of files you are looking for. Available at the download page.

Read more

GitHub Projects

There are more projects and other documents listed on the GitHub repositories page!


Blogs and sites with great information and research.


Social media

Here are a few social resources
Forensic Lunch (Video Podcasts) Learn Forensics is a channel devoted to computer forensics.
#DFIR Digital Forensics and Incident Response posts and discussions on Twitter.
@sansforensics  Sans DFIR for great articles, webcasts and re-tweets.
@HECFBlog Our own Hacking Exposed Computer Forensic’s Author Blog by David Cowen. David posts daily!The Hacking Exposed Computer Forensic’s Blog (HECF) is a highly informational blog with very technical posts and discussions about forensics.
 #InfoSec Information security related posts.

Books on Forensics!