Forensics software development in managed environment

Dávid Zoltán
Department of Automation and Applied Informatics

The growing use of computer networks also increases the likelihood that these systems will be involved in criminal activity. Digital forensics is a branch of forensic science that covers the examination, and often the restoration, of data stored on digital devices. These examinations are most often linked to cybercrime, but they can also provide evidence in cases of industrial espionage or homicide. The field has developed rapidly over the past 10-15 years, driven by the Internet and the proliferation of related crimes.

This thesis addresses an important area of digital forensics, namely the exploration of electronic evidence left by web browsers. The analysis must establish which sites were visited with the browser, which files were downloaded, and which forms the computer user filled out. Critical evidence may be found in the suspect's browsing history, including visited sites, search terms, or messages sent through web-based e-mail systems.

I present in detail what the most popular browsers (Internet Explorer, Mozilla Firefox and Google Chrome) store, and how. To achieve this, I often had to analyze the stored files or examine the browser's source code. The corresponding chapter discusses the area more thoroughly and more comprehensively than any other available source, and it can serve as a reference for professionals involved in digital forensics.

In my thesis, I examined well-known applications that can read and process the files storing browser history. I analyzed their strengths and weaknesses and, based on the results obtained, designed an application that combines their best characteristics with my own ideas.

Within the scope of my thesis, a stable version of the application was completed, which provides a good basis for future development. Alongside the application, three plugins were made, corresponding to the three most popular browsers. During development I used the Managed Extensibility Framework, which allowed me to easily make the application extensible.


