MetaDiver is an easy to use solution for extracting and reviewing metadata from files, email and system artifacts on Windows systems. Find out who created files, when and where it was created and much more.
A solution for recovering previous versions of files in Windows! You won’t be able to do this with Windows Explorer, but you can with ShadowKit! If you are using Windows 8 or later this may be your only way to recover the previous versions of files you are looking for.
Blogs and sites with great information and research.
|Here are a few social resources|
|Forensic Lunch (Video Podcasts)||Learn Forensics is a channel devoted to computer forensics.|
|#DFIR||Digital Forensics and Incident Response posts and discussions on Twitter.|
|@sansforensics||Sans DFIR for great articles, webcasts and re-tweets.|
|@HECFBlog||Our own Hacking Exposed Computer Forensic’s Author Blog by David Cowen. David posts daily!The Hacking Exposed Computer Forensic’s Blog (HECF) is a highly informational blog with very technical posts and discussions about forensics.|
|#InfoSec||Information security related posts.|
Books on Forensics!