Unlike other books, courses and training that expect an analyst to piece together individual instructions into a cohesive investigation, Investigating Windows Systems provides a walk-through of the analysis process, with descriptions of the thought process and analysis decisions along the way.
Investigating Windows Systems will not address topics which have been covered in other books, but will expect the reader to have some ability to discover the detailed usage of tools and to perform their own research. The focus of this volume is to provide a walk-through of the analysis process, with descriptions of the thought process and the analysis decisions made along the way.
A must-have guide for those in the field of digital forensic analysis and incident response.
- Provides the reader with a detailed walk-through of the analysis process, with decision points along the way, assisting the user in understanding the resulting data
- Coverage will include malware detection, user activity, and how to set up a testing environment
- Written at a beginner to intermediate level for anyone engaging in the field of digital forensic analysis and incident response
Digital forensic professionals and analysts, information security professionals, researchers, and practitioners. Students in digital forensics programs at community college or university
2. Malware Detection
3. User Activity
4. Test Environment
5. Field Manual
- No. of pages:
- © Academic Press 2018
- 16th August 2018
- Academic Press
- Paperback ISBN:
- eBook ISBN:
Mr. Carvey is a digital forensics and incident response analyst with past experience in vulnerability assessments, as well as some limited pen testing. He conducts research into digital forensic analysis of Window systems, identifying and parsing various digital artifacts from those systems, and has developed several innovative tools and investigative processes specific to the digital forensics analysis field. He is the developer of RegRipper, a widely-used tool for Windows Registry parsing and analysis. Mr. Carvey has developed and taught several courses, including Windows Forensics, Registry, and Timeline Analysis.
DFIR analyst, presenter, and open-source tool author