If you have a Facebook account, take a look under the hood some time by viewing the source in your browser while you're logged in. Imagine having to deal with all of that for a digital forensics investigation. It's mind numbing, especially if all you want is who said what and when. I spent the better part of today brushing up on Python's regular expression implementation and put together this Facebook Artifact Parser that does a decent job of parsing through Facebook artifacts found on disk (as of the time of this writing).
In my case, I made use of this by first recovering several MB worth of Facebook artifacts from disk and I combined all of these elements into one file. Having done that, run this script from the command line giving the name of the file as the only argument. It works on multiple files as well.
Subscribe to:
Post Comments (Atom)
Grand Canyon Rim to Rim: New Gear and Best Intentions
I pulled my late 1980s backpack out of storage. My first thought was that it was heavier than I remembered, just over seven pounds empty. Ba...
-
I hadn't intended to drive for 16 hours. It's around midnight and my friend and I are about two hours away from Bright Angel Lodge a...
-
If you're fortunate enough to be running a modern endpoint detection and response (EDR) product or even endpoint protection (EPP), you m...
-
Existential risk from AI Some believe an existential risk accompanies the development or emergence of artificial general intelligence (AGI)...
No comments:
Post a Comment