----- Original Message ----
From: Xander Solis <xrsolis@???>
To: Philippine Linux Users' Group (PLUG) Technical Discussion List <plug@???>
Sent: Wednesday, June 25, 2008 18:25:37
Subject: Re: [plug] forensic tools
Pasco and Galleta are tools for IE Forensics. Helix, the Linux Live CD distribution built for forensic analysis, has these tools.
Hope this helps,
On Mon, Jun 23, 2008 at 10:50 AM, Michael Tinsay <tinsami1@???> wrote:
I'm trying to do some semipro (in between amateur and pro ;-) ) forensics investigation on a Windows PC. Mainly trying to get details related to web browsing with IE wherein the Histories have been removed, cache flushed, etc.
So far, I've tried ntfsundelete and foremost. I'll be trying PhotoRec sometime today. Any other tools I might try?