Items related to Windows Forensic Analysis Toolkit: Advanced Analysis...
Synopsis
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems.
"synopsis" may belong to another edition of this title.
About the Author
Harlan Carvey is a senior information security researcher with the Dell SecureWorks Counter Threat Unit - Special Ops (CTU-SO) team, where his efforts are focused on targeted threat hunting, response, and research. He continues to maintain a passion and focus in analyzing Windows systems, and in particular, the Windows Registry. Harlan is an accomplished author, public speaker, and open source tool author. He dabbles in other activities, including home brewing and horseback riding. As a result, he has become quite adept at backing up and parking a horse trailer. Harlan earned a bachelor's degree in electrical engineering from the Virginia Military Institute, and a master's degree in the same discipline from the Naval Postgraduate School. He served in the United States Marine Corps, achieving the rank of captain before departing the service. He resides in Northern Virginia with his family.
From the Back Cover
Now in its third edition, Harlan Carvey has updated Windows Forensic Analysis Toolkit to cover Windows 7 systems. The primary focus of this edition will be on analyzing Windows 7 systems and on processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. New to this edition, the companion and toolkit materials are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos.
"About this title" may belong to another edition of this title.
Search results for Windows Forensic Analysis Toolkit: Advanced Analysis...
Stock Image
Windows Forensic Analysis Toolkit : Advanced Analysis Techniques for Windows 7
Published by
Elsevier Science & Technology Books, 2012
ISBN 10: 1597497274
ISBN 13: 9781597497275
Used
Softcover
Seller: Better World Books Ltd, Dunfermline, United Kingdom
Seller rating 5 out of 5 stars
Condition: Very Good. 3rd Edition. Ships from the UK. Former library book; may include library markings. Used book that is in excellent condition. May show signs of wear or have minor defects. Seller Inventory # GRP90514560
Quantity: 1 available
Stock Image
Windows Forensic Analysis Toolkit : Advanced Analysis Techniques for Windows 7
Published by
Elsevier Science & Technology Books, 2012
ISBN 10: 1597497274
ISBN 13: 9781597497275
Used
Softcover
Seller: Better World Books, Mishawaka, IN, U.S.A.
Seller rating 5 out of 5 stars
Condition: Very Good. 3rd Edition. Former library book; may include library markings. Used book that is in excellent condition. May show signs of wear or have minor defects. Seller Inventory # GRP90514560
Quantity: 1 available
Stock Image
Windows Forensic Analysis Toolkit : Advanced Analysis Techniques for Windows 7
Published by
Elsevier Science & Technology Books, 2012
ISBN 10: 1597497274
ISBN 13: 9781597497275
Used
Softcover
Seller: Better World Books: West, Reno, NV, U.S.A.
Seller rating 5 out of 5 stars
Condition: Very Good. 3rd Edition. Used book that is in excellent condition. May show signs of wear or have minor defects. Seller Inventory # 6229822-6
Quantity: 1 available
Stock Image
Windows Forensic Analysis Toolkit : Advanced Analysis Techniques for Windows 7
Published by
Elsevier Science & Technology Books, 2012
ISBN 10: 1597497274
ISBN 13: 9781597497275
Used
Softcover
Seller: Better World Books, Mishawaka, IN, U.S.A.
Seller rating 5 out of 5 stars
Condition: Good. 3rd Edition. Used book that is in clean, average condition without any missing pages. Seller Inventory # 5952103-75
Quantity: 1 available
Stock Image
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7
Seller: ThriftBooks-Dallas, Dallas, TX, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less 1.38. Seller Inventory # G1597497274I3N00
Quantity: 1 available
Stock Image
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7
Seller: ThriftBooks-Atlanta, AUSTELL, GA, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: Very Good. No Jacket. May have limited writing in cover pages. Pages are unmarked. ~ ThriftBooks: Read More, Spend Less 1.38. Seller Inventory # G1597497274I4N00
Quantity: 1 available
Stock Image
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7
Seller: Bookmonger.Ltd, HILLSIDE, NJ, U.S.A.
Seller rating 4 out of 5 stars
paperback. Condition: Good. Crease on cover and a few pages*. Seller Inventory # mon0000686070
Quantity: 1 available