To catch a cheater! - Windows 8 Internet History Recovery
July 16th, 2015, 5:58
Hello,
I have a customer who wants me to do a forensic recovery on a windows 8 machine, they are concerned partner is using 'various' online services to cheat on them. Your mission is to help me confirm or deny this.
This thread is to discuss how i can get as much history as possible from the machine in the limited time window i can look at it (12hrs). I have 4 days until they arrive to study and try do a descent recovery, please help me.
I have as my disposal:
1x PC3000 Express kit with software
My current strategy:
1) Map all unused sectors in the drive for later analysis, or preferably the entire drive.
2) Copy existing history from the Windows 8 OS, Firefox and Chrome. (The specifics on this I'm not sure of yet.)
Any help appreciated. I've done plenty of deleted recoveries but this is my first specifically forensic recovery.
I have a customer who wants me to do a forensic recovery on a windows 8 machine, they are concerned partner is using 'various' online services to cheat on them. Your mission is to help me confirm or deny this.
This thread is to discuss how i can get as much history as possible from the machine in the limited time window i can look at it (12hrs). I have 4 days until they arrive to study and try do a descent recovery, please help me.
I have as my disposal:
1x PC3000 Express kit with software
My current strategy:
1) Map all unused sectors in the drive for later analysis, or preferably the entire drive.
2) Copy existing history from the Windows 8 OS, Firefox and Chrome. (The specifics on this I'm not sure of yet.)
Any help appreciated. I've done plenty of deleted recoveries but this is my first specifically forensic recovery.
Re: To catch a cheater! - Windows 8 Internet History Recover
July 16th, 2015, 10:55
after imaging, on a duplicate duplicate copy only... as a starting place to discover just about anything re websites, passwords, banking,credit cards, etc. I use a lisc. from http://www.identityfinder.com . Great general discovery software. The use lisc. is very reasonably priced.
Re: To catch a cheater! - Windows 8 Internet History Recover
July 16th, 2015, 12:24
Try the open source "autopsy".
but first, be damn sure you are legally able to do this.
a husband can go to jail for "hacking" his wife's email account.. and yes EVEN if she IS cheating.
but first, be damn sure you are legally able to do this.
a husband can go to jail for "hacking" his wife's email account.. and yes EVEN if she IS cheating.
Re: To catch a cheater! - Windows 8 Internet History Recover
July 16th, 2015, 13:03
Yes, not to mention the possible legal repercussions. Even if it's "legal" for you do search someone's HDD without their knowledge (and I doubt it is), you can definitely be sued for invasion of privacy. That's why I steer way clear of stuff like this.
When customers drop off phones and the likes for recovery and I even suspect it's not theirs, I tell them that our company policy is to notify the police when we discover a device belongs to someone else. Literally I've had people just walk out after I told them that.
When customers drop off phones and the likes for recovery and I even suspect it's not theirs, I tell them that our company policy is to notify the police when we discover a device belongs to someone else. Literally I've had people just walk out after I told them that.
Re: To catch a cheater! - Windows 8 Internet History Recover
July 16th, 2015, 14:13
If they don't trust their spouse, refer them to marriage counselling.
Re: To catch a cheater! - Windows 8 Internet History Recover
July 17th, 2015, 1:03
Good advice all around.
I will have to reject her offer, i cannot except devices that are not owned by the person submitting them!
I will have to reject her offer, i cannot except devices that are not owned by the person submitting them!
Powered by phpBB © phpBB Group.