EZTools Overview With Eric Zimmerman, Senior Vice President at Kroll
In this episode, Eric gives us an overview of EZTools and covers a new tool “SQLESQLD,” which is not officially out yet.
SQLESQLD takes a different approach to finding SQLite databases and provides a way to easily extract the data in the most meaningful way possible.
The challenge this solves is that, regardless of the operating system examiners are working with, more and more data is locked in SQLite, including things we know about, things we don’t, schema changes, and things that we are waiting for vendors to update and support.
So, Eric wanted to come up with a way to leverage the processing of the tool to provide the ability to locate, verify, and extract data into what is essentially a text file.
This approach differs from other tools on the market in that, regardless of how a file is named, SQLESQLD can locate the database in which a file resides.
Why is this necessary? If you have 10 files with the same name, like main.db, that doesn’t necessarily mean that the schema is the same. So, the first step is positively identifying the database based on the contents of the file.
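A minimal sketch of content-based identification, added here as an illustration and not taken from SQLESQLD or the episode: it recognizes SQLite files by their 16-byte header instead of their name, then groups them by a hash of their table and column names. The function names, the fingerprint scheme and the sample files are assumptions made for this example.

```python
import hashlib, os, sqlite3
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"  # 16-byte header of every SQLite 3 file

def is_sqlite(path):
    """Identify by content: the file name and extension are ignored."""
    try:
        with open(path, "rb") as fh:
            return fh.read(16) == SQLITE_MAGIC
    except OSError:
        return False

def schema_fingerprint(path):
    """Hash table and column names (opened read-only) so equal schemas match."""
    con = sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)
    try:
        tables = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name")]
        parts = []
        for t in tables:
            cols = con.execute('PRAGMA table_info("%s")' % t.replace('"', '""'))
            parts.append(f"{t}({','.join(c[1] for c in cols)})")
    finally:
        con.close()
    return hashlib.sha256("\n".join(parts).encode()).hexdigest()

def scan(root):
    """Map schema fingerprint -> relative paths of the databases that share it."""
    groups = {}
    paths = (os.path.join(d, n) for d, _, names in os.walk(root) for n in names)
    for path in filter(is_sqlite, paths):
        try:
            key = schema_fingerprint(path)
        except sqlite3.DatabaseError:
            key = "unreadable"  # valid header, damaged body
        groups.setdefault(key, []).append(os.path.relpath(path, root))
    return {k: sorted(v) for k, v in groups.items()}

def build_sample(root):  # constructed sample data, not real case files
    ddl = {"a/main.db": "CREATE TABLE messages(id, sender, body)",
           "b/main.db": "CREATE TABLE visits(url, visited_at)",
           "c/cache.bin": "CREATE TABLE messages(id, sender, body)"}
    for rel, sql in ddl.items():
        os.makedirs(os.path.join(root, os.path.dirname(rel)), exist_ok=True)
        con = sqlite3.connect(os.path.join(root, rel), isolation_level=None)
        con.execute(sql)
        con.close()
    Path(root, "b", "notes.db").write_text("not a database")  # .db name only
```

On the sample data, the two files named main.db land in different groups, while a/main.db and c/cache.bin share one despite their names.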
Listen to the podcast to find out how to take advantage of this functionality in your cases.