My badassity begins with my dumbassity.
I have always kept "My Documents" back up in case of a crash. The dumbassity comes from no knowing that Microsoft no longer keeps pictures there. MS pushed windows 10 on my last week and it really hosed my laptop. So I formatted and reinstalled. My docs restore went awfully quick. Pictures and music nowhere to be seen. Music is OK, because I have them on another laptop, but all pics are gone.
What the hell am I going to do now? Hmmm, I do have a computer forensics cert, I did learn file carving.... Build an Ubuntu workstation, overlay SIFT v3, and get to work. Digging through unallocated space looking for FF D8 headers and FF D9 footers can take some time. So I get to building a BASH script. After about an hour, I finally look to the googles. photorec_win.exe will automatically dig through a drive or block image and recover .exe .jpg .dll and a host of other filetypes.
I don't know how many pictures I had before, but I was able to recover about 500. Most importantly, I got the fleet week NYC 1994 and Afghanistan pics. I even got the crazy drunk chick that I hooked up with on a camping trip.
