Hello, has anyone here done any work with forensics relating to the Google toolbar? For either IE or Firefox is good.
Or anyone know a good site that talks about reversing the toolbar?
I've googled for an hour or so and haven't found anything technical.
What, specifically, are you looking for? Are you interested in forensic artifacts of the Google toolbar, or are you looking to reverse engineer the code?
I'm looking more for forensic artifacts…
Or, if I can't find anything on that, just general reversing information would be helpful.
Well, here's what I'd suggest:
1. Snapshot your system (InControl5, RegSnap/Shot, etc.). Install the toolbar, redo the snapshot, and compare the two.
2. Once the toolbar is installed, run some searches, this time not only snapshotting the system as in 1., but also running RegMon and FileMon (from SysInternals.com) to see what other accesses are made to the Registry and filesystem.
Once you're done, I'm sure we'd all appreciate it if you could publish your results.
Thanks,
Harlan