Welcome to easymetadata! With a focus on helping you understand and analyze information better. This site is geared towards anyone with some technology understanding including IT professionals, Information Security and Computer Forensics analysts. I try to make it accessible to everyone with an interest in looking at the meta-data that lurks in files and on devices!



MetaDiver is an easy to use solution for extracting and reviewing metadata from files, email and system artifacts on Windows systems. PST, MSG, EML, PDF, Office.. the most popular document formats are all supported, including thousands more file types! Find out who created files, when and where it was created and much more. Available at the download page.

Read More


A solution for recovering previous versions of files in Windows! You won’t be able to do this with Windows Explorer, but you can with ShadowKit! If you are using Windows 8 or later this may be your only way to recover the previous versions of files you are looking for. Available at the download page.

Read More

GitHub Projects

There are more projects and other documents listed on the GitHub repositories page!


Blogs and sites with great information and research.


Social media

Here are a few social resources
Forensic Lunch (Video Podcasts) Learn Forensics is a channel devoted to computer forensics.
#DFIR Digital Forensics and Incident Response posts and discussions on Twitter.
@sansforensics  Sans DFIR for great articles, webcasts and re-tweets.
@HECFBlog Our own Hacking Exposed Computer Forensic’s Author Blog by David Cowen. David posts daily!The Hacking Exposed Computer Forensic’s Blog (HECF) is a highly informational blog with very technical posts and discussions about forensics.
 #InfoSec Information security related posts.

Books on Forensics!