Cortana Search Decoder
This script decodes Cortana search terms from user-specified IndexedDB.edb files. The script reads these files directly; it does not use the Windows Extensible Storage Engine API.
Note that the script will only read the main database file, not the transaction-log files.
Output is written to the console window and to bookmarks.
Instruction in the use of this script is provided in the Guidance Software Inc. "Building an Investigation with EnCase" training course.