Windows Forensic Analysis Toolkit - Harlan Carvey

Windows Forensic Analysis Toolkit

Advanced Analysis Techniques for Windows 7

(Author)

Book | Softcover
296 pages
2012 | 3rd edition
Syngress Media, U.S. (Publisher)
978-1-59749-727-5 (ISBN)
59,80 incl. VAT
A newer edition of this title exists.
Windows is the largest operating system on desktops and servers worldwide, which means more intrusions, malware infections, and cybercrime happen on these systems. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, federal government, and students.
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems.

Mr. Carvey is a digital forensics and incident response analyst with past experience in vulnerability assessments, as well as some limited pen testing. He conducts research into digital forensic analysis of Windows systems, identifying and parsing various digital artifacts from those systems, and has developed several innovative tools and investigative processes specific to the digital forensics analysis field. He is the developer of RegRipper, a widely used tool for Windows Registry parsing and analysis. Mr. Carvey has developed and taught several courses, including Windows Forensics, Registry, and Timeline Analysis.

1. Analysis Concepts

2. Incident Preparation

3. Volume Shadow Copies

4. File Analysis

5. Registry Analysis

6. Malware Detection

7. Timeline Analysis

8. Application Analysis

Publication date (per publisher): 15.3.2012
Additional info: 60 illustrations; Illustrations
Place of publication: Rockland, MA
Language: English
Dimensions: 191 x 235 mm
Weight: 590 g
Subject areas: Computer Science, Operating Systems / Servers, Windows
Computer Science, Networks, Security / Firewall
Law / Taxes, Criminal Law, Criminology
ISBN-10: 1-59749-727-4 / 1597497274
ISBN-13: 978-1-59749-727-5 / 9781597497275
Condition: New