Recently I relocated easymetadata.com to a new hosting provider. It turns out I missed some links that broke in the move. Those issues should now be fixed! If you continue to run across broken links, such as links pointing back to IPs, please contact me. Thanks!
Category Archives: metadata
Announcing the initial 1.0 release of MDViewer and MDViewerCLI. Powered purely by Apache TIKA for parsing metadata. MDViewer A viewer for viewing file metadata (parsed by Apache TIKA) similar to the MetaDiver review window. Review metadata, strings, hex and more. It supports drag and drop and Windows file-open support. MDViewerCLI A simple command line tool for
I thought I’d share some holiday command line cheer. If you have Windows 10 then you also have a command line package manager named “choco”. Many tools can be installed just like in Linux from a command prompt. Exiftool is a great command line tool for looking at document metadata. Much of this metadata may
I’ve updated FindUSBMSC to allow it to handle corrupted gzip files. You can find the latest version on my GitHub page at the link below. Download Here’s where you can get version v20171030 Change log # v20171026 – Fixes issue with gzipped logs not being processed due to wrong variable being returned. # v20171030 –
Welcome back to a review of Visual Studio registry artifacts. In Part 1 I discussed “Find & Replace” as well as the Visual Studio 2017 registry hive that is separate from the NTUSER.DAT (HKCU). In this post I want to briefly show you that Visual Studio keeps its own Most Recently Used Item lists. Below
When you use Visual Studio it leaves a lot behind that is valuable to an investigator. A valuable trove of information may exist. We are going to review briefly the “Find and Replace” history that gets left behind. Find and Replace Registry location “…\Software\Microsoft\VisualStudio\<version #>\Find” Below you can see my Find history.
The latest version of MetaDiver is available for download. Download: Metadiver 3.1.1 Numerous improvements from previous release. Using the latest version is highly recommended! Changelog v3.1.1 (build 1623) -bugfixes to paging in Review window -fix to keyword search not pulling back hits in some cases -prevent empty line in keywords on save -performance optimizations -resized
In the past week I moved the websites for www.easymetadata.com and www.redrocktx.com from shared hosting to a VPS. I’m noticing a huge difference for $4/m more. I know I’m stubborn for not ditching the whole website thing and moving to Medium.. I’m just not that hipster. I like having a shell and control. Anyway, hopefully you
I decided I needed to put out a simple command line program for dumping metadata. It’s been sitting on my todo list for too long. I’ve been using Tika for a long time now and it’s amazing how many file formats it supports. The list of file formats it supports keeps growing with every new release. This
There is a new forensic viewer in town called “Pancake Viewer”. It’s being developed by our good friend Forensicmatt, known for the Triforce journal parser. Pancake viewer is there to review forensic artifacts interactively in a simple interface, for free. It’s familiar and based fully on open-source libraries. If you’re curious about the backend it’s