"shared_proto_db" under the profile account contains a LevelDB database containing downloaded URLs with a timestamp and a local filename. Very useful for tracking malware source
Primitive strings can be gathered from both .log and .ldb files like so
https://gist.github.com/Allong12/c164245ebabf98d134e73ee45cbee7b1
(created on behalf of @Allong12 - thanks for the idea!)
"shared_proto_db" under the profile account contains a LevelDB database containing downloaded URLs with a timestamp and a local filename. Very useful for tracking malware source
Primitive strings can be gathered from both .log and .ldb files like so
https://gist.github.com/Allong12/c164245ebabf98d134e73ee45cbee7b1
(created on behalf of @Allong12 - thanks for the idea!)