IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
Recently a carver for the torrent client "resume.dat" file was added (#1985).
However, working on a real case, the carved resume.dat's did not help that much.
Digging a bit deeper, I "manually" found in the unallocated space a few "resume.dat" entries (i.e. not the whole file, but some of its records) with the information I was looking for.
In such cases, the "resume.dat" file header (which is used to carve it) was overwritten, but some of its records were still there.
Recently a carver for the torrent client "resume.dat" file was added (#1985). However, working on a real case, the carved resume.dat's did not help that much. Digging a bit deeper, I "manually" found in the unallocated space a few "resume.dat" entries (i.e. not the whole file, but some of its records) with the information I was looking for. In such cases, the "resume.dat" file header (which is used to carve it) was overwritten, but some of its records were still there.