|−|Are there any tools that can show or export the contents of these database files? |+|
or the of
| || |
|−|There is a project on sourceforge, maintained by Joachim Metz, that is trying to reverse engineer the format. |+|
|−|An alpha stage tool is available for download and some good documentation regarding the format. |+|
sourceforge. net/ projects/ libesedb/] |+|
Latest revision as of 03:34, 25 June 2014
Computer forensics is the practice of identifying, extracting and considering evidence from digital media such as computer hard drives. Digital evidence is both fragile and volatile and requires the attention of a certified specialist to ensure that materials of evidentiary value can be effectively isolated and extracted in a scientific manner that will bear the scrutiny of a court of law.
Computer forensics is not to be confused with the more generic term of 'forensic computing', which refers to the analysis and study of all types of digital media and materials - whether they be of a computing or telecommunication nature. Computer forensics, in a strict sense, applies specifically to the evaluation of computers and data storage or data processing devices.