Summary

E-mail files contain a large amount of valuable information, allowing forensic examiners to gain greater insight into communications and activity of users over time. Using open source libraries, we are able to explore PST files and extract information about the messages and folders within. We also examined the content and metadata of the messages to gather additional information about frequent contacts, common words, and abnormal hot spots of activity. Through this automated process, we can gather a better understanding of the data we review and begin to identify hidden trends. The code for this project can be downloaded from https://packtpub.com/books/content/support. Additional code to support the libpff installation can be found at ...

Get Learning Python for Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.