Windows Forensic Analysis DVD Toolkit
View on ScienceDirect

Windows Forensic Analysis DVD Toolkit

1st Edition - April 24, 2007

Write a review

  • Authors: Harlan Carvey, Harlan Carvey
  • eBook ISBN: 9780080556444

Purchase options

Purchase options
DRM-free (PDF)
eBook Format Help
Sales tax will be calculated at check-out

Institutional Subscription

Support CenterReturns & Refunds
Free Global Shipping
No minimum order

Description

Windows Forensic Analysis DVD Toolkit addresses and discusses in-depth forensic analysis of Windows systems. The book takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who are often the front line troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to effectively respond. All disc-based content for this title is now available on the Web.

Key Features

  • Contains information about Windows forensic analysis that is not available anywhere else. Much of the information is a result of the author’s own unique research and work
  • Contains working code/programs, in addition to sample files for the reader to work with, that are not available anywhere else
  • The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else

Readership

Security professionals and law enforcement agents performing incident response and forensic analysis of Windows systems; IT managers

Table of Contents

  • 1. Collecting Volatile Data
    2. Data Analysis
    3. Windows Memory Analysis
    4. Registry Analysis
    5. File Analysis
    6. Executable File Analysis
    7. Rootkits and Rootkit Detection

Product details

  • No. of pages: 416
  • Language: English
  • Copyright: © Syngress 2007
  • Published: April 24, 2007
  • Imprint: Syngress
  • eBook ISBN: 9780080556444

About the Authors

Harlan Carvey

Mr. Carvey is a digital forensics and incident response analyst with past experience in vulnerability assessments, as well as some limited pen testing. He conducts research into digital forensic analysis of Window systems, identifying and parsing various digital artifacts from those systems, and has developed several innovative tools and investigative processes specific to the digital forensics analysis field. He is the developer of RegRipper, a widely-used tool for Windows Registry parsing and analysis. Mr. Carvey has developed and taught several courses, including Windows Forensics, Registry, and Timeline Analysis.

Affiliations and Expertise

DFIR analyst, presenter, and open-source tool author

Harlan Carvey

Mr. Carvey is a digital forensics and incident response analyst with past experience in vulnerability assessments, as well as some limited pen testing. He conducts research into digital forensic analysis of Window systems, identifying and parsing various digital artifacts from those systems, and has developed several innovative tools and investigative processes specific to the digital forensics analysis field. He is the developer of RegRipper, a widely-used tool for Windows Registry parsing and analysis. Mr. Carvey has developed and taught several courses, including Windows Forensics, Registry, and Timeline Analysis.

Affiliations and Expertise

DFIR analyst, presenter, and open-source tool author

Ratings and Reviews

Write a review

Latest reviews

(Total rating for all reviews)

  • Emmanuel A. Tue Jul 02 2019

    Windows Forensic Analysis DVD Toolkit 2nd Edition

    Necessary for every forensic analyst/investigator.