Analysing Chrome login data

24 Sep 2019

When a user logs into a website using Google Chrome the browser will offer to save the password. When the user dismisses the save password dialog a record is added to the Login Data database. Therefore, we can use this data to determine the usernames used to log into websites even when the user has not chosen to save the password.

Read More

Introducing SQLite Examiner

15 Jul 2019

We have released the first version of SQLite Examiner, a free tool for viewing SQLite databases. SQLite Examiner includes standard features such as viewing data per table and writing custom SQL queries. It also includes a number of features for analysing Binary Large Objects (BLOB) stored within SQLite databases.

Read More

Analysing synchronised browser history

17 Jun 2019

Both Chrome and Firefox offer the ability to sync various browser data between multiple devices by signing in with a Google or Firefox account. This data includes autofill, bookmarks, extensions, passwords, preferences, open tabs and website visits. This post will focus on syncing website visits between devices and the impact this has on an investigation involving browser history.

Read More

Analysing Firefox Session Restore data

09 May 2019

Like most web browsers Firefox includes a Session Restore feature allowing your currently open windows and tabs to be restored in the event of a forced-restart or crash. All session data is stored in a compressed file format referred to as MOZLZ4 or JSONLZ4. The file format is standard LZ4 data with a custom header. We have recently updated BHE to automatically extract session data from the sessionstore.jsonlz4 file and any files within the sessionstore-backups folder.

Read More

Browser History Examiner v1.9 released

31 Jan 2019

Browser History Examiner v1.9 is now available to download. New features include: Website History Summary View, Search History Word Cloud and Export to Excel.

Read More

Recent Posts

Categories