MetaDiver is an easy to use solution for extracting and reviewing metadata from files, email and system artifacts on Windows systems. PST, MSG, EML, PDF, Office.. the most popular document formats are all supported, including thousands more file types! Find out who created files, when and where it was created and much more. Available at the download page.
A solution for recovering previous versions of files in Windows! You won’t be able to do this with Windows Explorer, but you can with ShadowKit! If you are using Windows 8 or later this may be your only way to recover the previous versions of files you are looking for. Available at the download page.
There are more projects and other documents listed on the GitHub repositories page!
Blogs and sites with great information and research.
|Here are a few social resources|
|Forensic Lunch (Video Podcasts)||Learn Forensics is a channel devoted to computer forensics.|
|#DFIR||Digital Forensics and Incident Response posts and discussions on Twitter.|
|@sansforensics||Sans DFIR for great articles, webcasts and re-tweets.|
|@HECFBlog||Our own Hacking Exposed Computer Forensic’s Author Blog by David Cowen. David posts daily!The Hacking Exposed Computer Forensic’s Blog (HECF) is a highly informational blog with very technical posts and discussions about forensics.|
|#InfoSec||Information security related posts.|
Books on Forensics!