Edge Bookmarks

Overview

Evidence: Edge Bookmarks Description: Collect Edge Bookmarks Category: Browser Platform: Cross-platform Short Name: ebkmrks Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

This collector gathers edge bookmarks information from the system. This data is essential for forensic investigations and incident response.

Data Collected

This collector gathers structured data about edge bookmarks.

Edge Bookmarks Data

Field

Description

Example

ID

UserName

User Name

Example Name

ProfileName

Profile Name

Example Name

BrowserName

Browser Name

Example Name

GUID

GUID

Example value

BookmarkID

Bookmark ID

Example value

Name

Name

Example Name

Type

Type

Example value

URL

URL

Example value

ParentFolder

Parent Folder

Example value

DateAdded

Date Added

2023-10-15 14:30:25

DateLastUsed

Date Last Used

2023-10-15 14:30:25

DateModified

Date Modified

2023-10-15 14:30:25

Collection Method

This collector queries the ebkmrks table via osquery and parses the results into structured data.

Usage

This evidence is crucial for forensic investigations as it provides insights into system activity, user behavior, and potential security incidents.

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.

PreviousETL Logs NextEdge Browsing History

Last updated 1 hour ago

Was this helpful?