1 |
J. Douglas, "Forensic artefacts present in microsoft windows desktop search," Master's Thesis, Cranfield University, 2009
|
2 |
Mircosoft, "Extensible Storage Engine," https://technet.microsoft.com/library/Cc961824
|
3 |
J. Metz, "Extensible Storage Engine (ESE) Database File (EDB) format specification," https://github.com/libyal/libesedb/tree/master/documentation
|
4 |
woanware, "EseDbViewer v1.0.6," http://www.woanware.co.uk/forensics/esedbviewer.html
|
5 |
NirSoft, "ESEDatabaseView v1.30," http://www.nirsoft.net/utils/ese_database_view.html
|
6 |
H. Chivers and C. Hargreaves, "Forensic data recovery from the windows search database," Digital Investigation, vol. 7, no. 3-4, pp. 114-126, Apr. 2011.
DOI
|
7 |
H. Chivers, "Private browsing: A window of forensic opportunity," Digital Investigation, vol. 11, no. 1, pp. 20-29, Mar. 2014.
DOI
|
8 |
JM. Gordon, "A forensic examination of windows desktop search (version 3)," Master's Thesis, Cranfield University, 2009
|