📜 User Files

📘 Manual

Data about a file is stored in several locations: system metadata (generated by the file system or doc management of the OS), substantive metadata (information that defines modifications to a document), embedded metadata (information embedded by the application that creates or edits the file), external metadata (separate doc, for example, a database).

🎞 Media Files

Windows Recent documents Key 🔑: NTUSER.DAT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Contains the list of all recent documents as a bunch and also the same data sorted by extension.

🍺 IPA

I wish this article were about hazy ipa, but it’s far from that fascinating. I will dissect the IPA file format, Apple’s proprietary file format, for application packaging. This article will also provide useful tips on patching and repackaging it.

CAR

CAR is a proprietary file format used by Apple. It is a compiled asset catalogue created by Apple Xcode to store assets, such as icons, images, and textures, for iOS, tvOS, watchOS, and macOS applications.

plist

plist files are Apple config proprietary file format. It serves a similar purpose as the registry on Windows, but the files are scattered across the file system instead.

JPEG

This is about … .

Office Documents

File Structure Macros A letter m at the end of extension means that doc has some macros inside.

PDFs

File Structure Malicious PDFs See more here. References Expand… [1]

PNG

Structure Malicious PNG It’s possible to craft polygon files that are legitimate PNG and PHP simultaneously.

Temp Files

This is about … .