The steps to extract web browser data from Pagefile.sys are as follows:

1. Start by creating a new case in Belkasoft Evidence Center - you already know how to do this. Then, add the pagefile.sys file you exported previously as the evidence source.

2. As we are planning to extract web browser artifacts and are dealing with a Windows system, let's choose corresponding data types, as in the following figure:

3. Click Finish and the processing will start. Once the processing phase has finished, go to the Overview tab and check the results.

  As you can see in the preceding figure, we have 2289 URLs extracted from pagefile.sys! Impressive,   isn't it? You can do the same with two other files: swapfile.sys and hiberfil.sys.