IXTK Supported Artifacts

Artifacts Supported by Internet Examiner Toolkit

DEFINITIONS:

file artifact [loj-i-kuh l] [ahr-tuh-fakt]
noun

  1. A logical file that represents a single object (e.g., a picture file or a document) or contains record data (compound file) such as a database file.

trace artifact [treys] [ahr-tuh-fakt]
noun

  1. A contiguous range of bytes found anywhere within a logical file or across one or more physical disk sectors; can be thought of as a fragment of data. Note: The construct alone of a keyword or regular (grep) expression is a trace artifact.
NOTE: Newer versions of products that might be more current than those versions listed in the chart below are very likely still supported by IXTK. This list is only updated periodically and therefore may not accurately reflect all supported product releases. In addition, for select products such as Firefox and Chrome, there is a presumption that various artifacts are formatted the same across different platforms. Testing on mobile devices is not conducted in all cases.

Browser Activity
Artifact Description File Trace PC Mobile
Google Chrome
Bookmarks (v3-36)    
 
Cache (v3-36)    
 
Cookies (v3-36)    
 
Downloads (v3-36)    
 
History (Index, Index History) (v3-36)    
 
Internet Explorer
Cache (v5-11)    
Cookies (v5-9)    
History (Master, Daily, Weekly) (v5-11)    
Mozilla Firefox
Bookmarks (v3-31)    
 
Cache (v2-31)    
 
Cookies (v3-31)    
 
Downloads (v3-31)    
 
History (v2-31)    
 
Opera
Cache (v3.6-12.16)    
Cache (Opera Next) – Implements the Chromium Project format. (v15-18)    
 
History (v4-12)    
Safari
Bookmarks (v3-5)    
 
Cache (v3-5)    
 
Cookies (v3-5)    
 
Downloads (v3-5)    
 
History (v3-5)    
 
 
Multimedia Files
Artifact Description File Trace PC Mobile
Pictures
BMP – Bitmap    
 
GIF – Graphics Interchange Format    
 
JPEG – Joint Photographic Experts Group  
 
PNG – Portable Network Graphics    
 
TIF – Tagged Image File Format    
  
Videos (IXTK’s built-in video player supports all of the following formats)
3G2 – Mobile device video format    
 
3GP – Mobile device video format    
 
AVI – Audio Video Interleaved    
  
FLV – Adobe Flash Video    
MOV – QuickTime Movie    
  
MP4 – Moving Picture Expert Group-4    
 
MPG – Moving Picture Experts Group    
 
SWF – Shockwave Flash    
  
VOB – Video Object (DVD-Video)    
  
WMV – Windows Media    
 
Social Networking
Artifact Description File Trace PC Mobile
Facebook
Chat Message – Common JSON format    
 
Chat Message – HTML formatted message    
 
Chat Message – Left sidebar snippets of last chats    
 
Online Profileonline profiles as shown in Facebook page right sidebar    
 
Photo Url – Fully qualified Url to Facebook profile picture    
 
Twitter
Photo Url (Big) – Fully qualified Url to large size thumbnail    
 
Photo Url (Normal) – Fully qualified Url to normal size thumbnail    
 
Tweet HTML – Tweeted message in HTML format    
 
Twitter ID: Full Name – Full Name related to Twitter account User ID    
 
Screen Name ID – User ID and Screen Name attributes from HTML page    
 
YouTube
Evidence of Played Video – Recover video Url and attributes    
 
 
Keyword Artifacts
Artifact Description Icon Trace PC Mobile
Cloud Storage
ADrive  
 
BackBlaze  
 
Backup and Share  
 
Backup Genie  
 
Backupify  
 
Box  
 
Carbonite  
 
Crash Plan  
 
Dropbox  
 
Druva  
 
Egnyte  
 
Elephant Drive  
 
Flickr  
 
Google Docs  
 
iBackup  
 
iCloud  
 
Jungle Disk  
 
JustCloud  
 
KeepIt  
 
LiveDrive  
 
Mimedia  
 
Mozy  
 
My Other Drive  
 
My PC Backup  
 
OpenDrive  
 
Penny Backup  
 
SkyDrive  
 
SOS Online Backup  
 
Sugar Sync  
 
ZipCloud  
 
Zumo Drive  
 
Peer-To-Peer (file sharing programs)
Acquisition  
 
ANts  
 
Ares  
 
BearShare  
 
BitComet  
 
BitTornado  
 
Cabos  
 
DC++  
 
eMule  
 
eMule Plus  
 
Frostwire  
 
Gigatribe  
 
KTorrent  
 
Limewire  
 
MLDonkey  
 
Shareaza  
 
Soul Seek  
 
UTorrent  
 
Vuze  
 
 

LIVE Internet Artifact Description File Download Cloud API Reply
Social Networking
YouTube
YouTube Video – Select any video online and download it directly into your case file (coming soon).  
Domain Research Tools
DomainIQ.com – WhoIs, Domain IP WhoIs, Reverse DNS, Reverse IP, Reverse MX, Email Report and Name Report searching.