Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7

4.36 avg rating
( 22 ratings by Goodreads )
 
9781597497275: Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified.
Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables.
This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems.

  • Timely 3e of a Syngress digital forensic bestseller
  • Updated to cover Windows 7 systems, the newest Windows version
  • New online companion website houses checklists, cheat sheets, free tools, and demos

"synopsis" may belong to another edition of this title.

Review:

Amazon Exclusive: A Letter from Harlan Carvey, author of Windows Forensic Analysis Toolkit, 3rd Edition
Harlan Carvey

Dear Amazon Readers,

I am not an expert. I really, enthusiastically enjoy performing digital forensic analysis of Windows systems and will get up early (for me..."early" is a relative term) to work on an examination. I enjoy not just finding new things in my analysis, but finding new combinations of things, looking for those hidden patterns to jump out of the data. I enjoy writing code to parse the binary contents of a file so that I can then see how the various teeth of the operating system and application gears mesh together, and in seeing what primary, secondary, and tertiary artifacts are left by various events that occur on a system.

When I first started writing books, I did so because I could not find something that would fit what I saw as my needs. Sure, there were books available that covered some aspects of digital forensic analysis of Windows systems, but there wasn't anything available that really went into depth on analyzing Windows as a system of interconnected components. There were books that covered some of the really obvious indications of an intrusion or malware infection, but how often are our examinations really about finding the obvious artifacts? I knew I couldn't be the only one looking for something like this, and writing a book not only provided a reference for myself and others, but the act of writing required me to polish and hone my thoughts. I hope you enjoy the finished product, and that it leads you beyond the obvious.

I hope you find my attempt to contribute to the digital forensics analysis community to be useful and thought-provoking. Thank you.

--Harlan Carvey

From the Back Cover:

Now in its third edition, Harlan Carvey has updated Windows Forensic Analysis Toolkit to cover Windows 7 systems. The primary focus of this edition will be on analyzing Windows 7 systems and on processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. New to this edition, the companion and toolkit materials are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos.

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Carvey, Harlan
Published by Syngress (2017)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Paperback Quantity Available: 2
Print on Demand
Seller:
Murray Media
(North Miami Beach, FL, U.S.A.)

Book Description Syngress, 2017. Paperback. Book Condition: New. Never used! This item is printed on demand. Bookseller Inventory # P111597497274

Buy New
US$ 48.36

Shipping: US$ 1.99
Within U.S.A.

2.

Carvey H.
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Quantity Available: 1
Seller:
Bookshub
(Karol Bagh, India)

Book Description Book Condition: New. New. US edition. Perfect condition. Customer satisfaction our priority. Bookseller Inventory # ABE-FEB-100871

Buy New
US$ 57.67

Shipping: FREE
From India to U.S.A.

3.

Carvey H.
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Quantity Available: 1
Seller:
EBOOKSTORE2010
(New Delhi, ND, India)

Book Description Book Condition: Brand New. New. US edition. Customer Satisfaction guaranteed!!. Bookseller Inventory # SHUB100871

Buy New
US$ 57.72

Shipping: FREE
From India to U.S.A.

4.

Carvey H.
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Quantity Available: 1
Seller:
Basi6 International
(Irving, TX, U.S.A.)

Book Description Book Condition: Brand New. New, US edition. Excellent Customer Service. Bookseller Inventory # ABEUSA-100871

Buy New
US$ 60.64

Shipping: FREE
Within U.S.A.

5.

Harlan Carvey
Published by Syngress Media,U.S., United States (2012)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Paperback Quantity Available: 10
Print on Demand
Seller:
The Book Depository
(London, United Kingdom)

Book Description Syngress Media,U.S., United States, 2012. Paperback. Book Condition: New. 3rd edition. Language: English. Brand New Book ***** Print on Demand *****. Bookseller Inventory # AAV9781597497275

Buy New
US$ 64.75

Shipping: FREE
From United Kingdom to U.S.A.

6.

Harlan Carvey
Published by Syngress Media,U.S., United States (2012)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Paperback Quantity Available: 10
Print on Demand
Seller:
The Book Depository US
(London, United Kingdom)

Book Description Syngress Media,U.S., United States, 2012. Paperback. Book Condition: New. 3rd edition. Language: English. Brand New Book ***** Print on Demand *****. Bookseller Inventory # AAV9781597497275

Buy New
US$ 65.27

Shipping: FREE
From United Kingdom to U.S.A.

7.

Carvey, Harlan
Published by Syngress (2012)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Quantity Available: > 20
Print on Demand
Seller:
Books2Anywhere
(Fairford, GLOS, United Kingdom)

Book Description Syngress, 2012. PAP. Book Condition: New. New Book. Delivered from our UK warehouse in 3 to 5 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Bookseller Inventory # LQ-9781597497275

Buy New
US$ 60.97

Shipping: US$ 12.15
From United Kingdom to U.S.A.

8.

Carvey, Harlan
Published by Syngress (2012)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Quantity Available: > 20
Print on Demand
Seller:
Pbshop
(Wood Dale, IL, U.S.A.)

Book Description Syngress, 2012. PAP. Book Condition: New. New Book. Shipped from US within 10 to 14 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Bookseller Inventory # IQ-9781597497275

Buy New
US$ 69.58

Shipping: US$ 3.99
Within U.S.A.

9.

Carvey, Harlan
Published by Syngress (2016)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Paperback Quantity Available: 1
Print on Demand
Seller:
Ria Christie Collections
(Uxbridge, United Kingdom)

Book Description Syngress, 2016. Paperback. Book Condition: New. PRINT ON DEMAND Book; New; Publication Year 2016; Not Signed; Fast Shipping from the UK. No. book. Bookseller Inventory # ria9781597497275_lsuk

Buy New
US$ 68.74

Shipping: US$ 5.22
From United Kingdom to U.S.A.

10.

Carvey, Harlan
Published by Syngress (2017)
ISBN 10: 1597497274 ISBN 13: 9781597497275
New Paperback Quantity Available: > 20
Print on Demand
Seller:
Murray Media
(North Miami Beach, FL, U.S.A.)

Book Description Syngress, 2017. Paperback. Book Condition: New. Never used! This item is printed on demand. Bookseller Inventory # 1597497274

Buy New
US$ 83.80

Shipping: US$ 1.99
Within U.S.A.
