7. ADDONS
Any browser addons
- extra toolbars (sometimes users don’t even know they have them
installed)
What you will find:
Name, Version, Description, and other data like which profile gets to use it
in a multi-profile environment
RISC MEET 7
8. CHROMEAPPSTORE
The Search Engine container in Firefox which is set to Google by default,
though users can set any other search engine
RISC MEET 8
9. CONTENT-PREFS
Browser Preferences and Content settings like text zoom, page style,
character encoding on a site-specific bases
Useful for showing intent and frequency of visits along with the browser
history
RISC MEET 9
10. COOKIES
Every cookie that is set by the system
These may or may not be wiped clean when a user deletes all cookies or
any other program to clear tracks
A cookie being set does NOT mean the user visited the site
RISC MEET 10
11. DOWNLOADS
List of every file downloaded
- Cleared when user clears the download queue in Firefox
You can tell a lot about a person by what they download
RISC MEET 11
15. PLACES
Places visited, bookmarks and attributes to sites commonly visited by the
user
Cross referencing this file with cookies, formhistory and permissions
provides a robust view of the user and how they use Firefox
Cross referencing is also useful to prove that the visit was intentional
versus a drive by cookie session
RISC MEET 15
21. CACHE
Files you will find in the Cache Folder:
_CACHE_MAP
_CACHE_001, _CACHE_002, _CACHE_003
Cache Map is the main file needed to reconstruct the cache files
RISC MEET 21
