Web Browser Forensics
Below are links to a two part article describing an investigation of a breached machine involving suspicious internet activity. Although this article does mention a few commercial analysis tools, one point that bares repeating is that an investigator should not forget about the basic and obvious places to look. Sometimes we just dive in and start doing the 'fun' stuff, like hex viewing (actually not that much fun, but it impresses your friends).
They also provide the data so you can follow along. Invest an hour or so into this project and you can gain some important insite.
Web Browser Forensics, Part 1
Web Browser Forensics, Part 2
They also provide the data so you can follow along. Invest an hour or so into this project and you can gain some important insite.
Web Browser Forensics, Part 1
Web Browser Forensics, Part 2
