Internet History - ...
 
Notifications
Clear all

Internet History - weapon of choice?

11 Posts
9 Users
0 Likes
625 Views
Novunix
(@novunix)
Posts: 35
Eminent Member
Topic starter
 

Hi

Just looking to see what our community is currently using for recovering internet history and what tools y'all have in the locker.

Currently I have IEF v6.3 as the main one and rarely use anything else these days, but I have used HstEx and NetAnalysis in the past.

I was going to submit a poll but would probably then miss out on a few options
Thanks

 
Posted : 14/02/2014 6:23 pm
Igor_Michailov
(@igor_michailov)
Posts: 529
Honorable Member
 

Internet Examiner® Toolkit
http//www.siquest.com/index.php

Belkasoft Evidence Center
http//forensic.belkasoft.com/en/

 
Posted : 14/02/2014 8:04 pm
Novunix
(@novunix)
Posts: 35
Eminent Member
Topic starter
 

Thanks for replying Igor.

I have Belkasoft too, haven't used it too much recently.
Time to dust off that dongle )

 
Posted : 17/02/2014 4:16 pm
Igor_Michailov
(@igor_michailov)
Posts: 529
Honorable Member
 

Time to dust off that dongle )

LOL

 
Posted : 17/02/2014 4:41 pm
(@jlindmar)
Posts: 30
Eminent Member
 

Novunix,

I've used NetAnalysis w/ HstEx since 2006 and have always been happy with the results. The tool has very good supporting documentation as well and the developer has always been quick to respond to any questions that I had.

Regards,

Jesse

 
Posted : 19/02/2014 7:10 pm
Chris_Ed
(@chris_ed)
Posts: 314
Reputable Member
 

Novunix,

I've used NetAnalysis w/ HstEx since 2006 and have always been happy with the results. The tool has very good supporting documentation as well and the developer has always been quick to respond to any questions that I had.

Regards,

Jesse

NetAnalysis is a good (and relatively cheap) tool, but it has somewhat fallen behind the times. Maybe v2 will change things ..?

IEF is pretty much the swiss army knife of Internet Artefact recovery tools right now. It does come at a price - but it is pretty much head and shoulders above the competition in my opinion.

 
Posted : 19/02/2014 9:01 pm
(@matrix)
Posts: 21
Eminent Member
 

I use both NetAnalysis/HstEx and IEF to extract Internet history. The extracted records are imported into MS Access and I run custom SQL query scripts to identify relevant evidence.

 
Posted : 20/02/2014 6:56 am
minime2k9
(@minime2k9)
Posts: 481
Honorable Member
 

I use IEF predominantly, HstEx used to be the tool of choice 3 years ago, however since the advent of Sqlite databases for Internet Browsers it has lagged behind other tools.

 
Posted : 20/02/2014 1:32 pm
UnallocatedClusters
(@unallocatedclusters)
Posts: 577
Honorable Member
 

I have had excellent results using Passmark's OSForensics (http//www.osforensics.com/)

A. OSForensics is only $499.00
B. The recent activity visual timeline function is very useful to analyze browsing history
C. There is a sqlite database viewer built in

I also use Autopsy (The Sleuthkit) (http//www.sleuthkit.org/autopsy/) which is free.

 
Posted : 20/02/2014 10:22 pm
pcstopper18
(@pcstopper18)
Posts: 60
Trusted Member
 

The biggest factor will be your budget as we all know, but I would say that IEF and the NetAnalysis/HstEx tools are the most comprehensive. We use them both in our lab.

IEF has a nicer interface and breaks down many different types of internet artifacts which is its strength. NetAnalysis doesn't do comprehensive artifacts. If we are just parsing internet history records (with associated attachments and metadata) then we have found NetAnalysis does that much better. Also, as stated before, all you have to do is convert the output to MS Access format and you can bring the power of queries to bear which can do a lot for you.

Hope the community continues to provide some more helpful information for you.

Good luck!

 
Posted : 20/02/2014 11:34 pm
Page 1 / 2
Share: