Computer Tips
What | Link - |
Prefetch folder Each time you turn on your computer, Windows keeps track of the way your computer starts and which programs you commonly open. ... The prefetch folder is a subfolder of the Windows system folder. The prefetch folder is self-maintaining, and there's no need to delete it or empty its contents. | C:\Windows\Prefetch |
Potpourri I,II,III,IV,V | |
Whois (look up IP addresses) | |
Spyderweb (look up all kinds of things ... e-mail, | |
Convert files (OCR) via Google Documents | |
Google location | |
Which provider a GSM (mobile) number belongs to | |
Identification of a mobile via an IMEI number | |
Position of the mobile antennas (position and coordinates of GSM masts) | |
Compare mobile networks (measure the signal strength of Base, Proximus, Mobistar) | |
Find your iPad, iPhone or iPod via iCloud | |
Find your Android device (via your Google account) | |
Verify e-mail address (check whether an e-mail address still exists) | |
FACEBOOK custom Tools (special Facebook searches) | |
FACEBOOK ID Go to the Facebook user profile of the target. Right-click on an empty area of the page and select "view source code". You will get a new page with the source code. Search for the term profile_owner. The number located next to profile_owner is the unique Facebook ID. | |
TWITTER search | |
Social Media Checker (check whether a name can still be registered on certain social media) | |
Privacy | |
Google image search (search for a photo via Google) | |
Reverse image search (look up a photo via TinEye) | |
Stolen camera finder (use a photo's metadata to find photos on the internet that were taken with the same camera) | |
E-mail header analysis (analyze e-mail headers) | |
Website copier (copy a complete website) | |
Video to JPG converter (convert video to JPG) | |
Nirsoft (many free programs) | |
FoneFunShop (all kinds of tools for mobile phones) | |
MAC address finder (look up a MAC address) | |
MAC address changing | |
RAM (Random Access Memory) investigation | |
Entering GPS coordinates in Google Maps | |
Reverse engineering | |
Which files are encrypted? (identify files encrypted by ransomware) | |
Ransomware identification (identify ransomware) | |
All kinds of tools to use for system analysis. Download the suite here | |
Computer Forensics Tutorials | |
How to fix boot and startup problems with UEFI | |
Device configuration overlay (DCO) changer. Detection tools: HDAT2, a free software program, can be used to create/remove a Host Protected Area (HPA) (using the command SET MAX) and to create/remove a DCO hidden area (using the command DCO MODIFY). It can also perform other functions on the DCO. Data Synergy's free ATATool utility can be used to detect a DCO from a Windows environment. The current version does not allow a DCO to be removed. | |
What is DCO (hidden area on the hard disk), also HPA | |
HPA (Host Protected Area): hidden area on the hard disk | |
X-Ways lessons with video | |
X‐Ways Forensics (v15.4) QuickStart Guide | |
X-Ways Forensics manual | |
X-Ways Forensics extended File Type Categories | |
X-Ways Operating system info | Right click on partition (not the whole disk) and go to "properties" |
Regular expressions (Grep) - long list (Master Card, Bitcoin, e-mail ...) | |
How to Pull Passwords from a Memory Dump | |
Windows File Encryption (prior to Windows BitLocker) | |
Wiki FCCU | |
Created: 12 Aug 2006 11:34:14 - this is when the file was created at that location. Here 'created' doesn't necessarily mean made. Modified: 14 July 2006 09:05:45 - this is when the file content was last changed and then saved. Accessed: 12 Aug 2006 12:05:34 - this is when the file was last touched in some way. Be careful, because this could include an AV application checking the file and doesn't necessarily imply user interaction. | |
What is ARP cache | |
Petya ransomware outbreak: Here’s what you need to know | |
Starting Event Viewer (logs) from the command line | |
Event codes | |
Codes: | Windows 4608: Windows is starting up; Windows 4609: Windows is shutting down; Windows 4825: A user was denied the access to Remote Desktop. By default, users are allowed to connect only if they are members of the Remote Desktop Users group or Administrators group; Windows 4830: SID History was removed from an account; Windows 5024: The Windows Firewall Service has started successfully; Windows 5025: The Windows Firewall Service has been stopped; Windows 5027: The Windows Firewall Service was unable to retrieve the security policy from the local storage; Windows 5028: The Windows Firewall Service was unable to parse the new security policy; Windows 5029: The Windows Firewall Service failed to initialize the driver; Windows 5030: The Windows Firewall Service failed to start; Windows 5032: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network; Windows 5033: The Windows Firewall Driver has started successfully; Windows 5034: The Windows Firewall Driver has been stopped; Windows 5035: The Windows Firewall Driver failed to start; Windows 5037: The Windows Firewall Driver detected critical runtime error. Terminating |
Windows Startup time and shutdown time | |