Windows Forensic Analysis DVD Toolkit - 2nd Edition

Authors: Harlan Carvey
Imprint: Syngress

Description

"If your job requires investigating compromised Windows hosts, you must read Windows Forensic Analysis."
-Richard Bejtlich, Coauthor of Real Digital Forensics and Amazon.com Top 500 Book Reviewer

"The Registry Analysis chapter alone is worth the price of the book."
-Troy Larson, Senior Forensic Investigator of Microsoft's IT Security Group

"I also found that the entire book could have been written on just registry forensics. However, in order to create broad appeal, the registry section was probably shortened. You can tell Harlan has a lot more to tell."
-Rob Lee, Instructor and Fellow at the SANS Technology Institute, coauthor of Know Your Enemy: Learning About Security Threats, 2E

Author Harlan Carvey has brought his best-selling book up to date to give you, the responder, examiner, or analyst, the must-have tool kit for your job. Windows is the largest operating system on desktops and servers worldwide, which means more intrusions, malware infections, and cybercrime happen on these systems. Windows Forensic Analysis DVD Toolkit, 2E covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. The book is also accessible to system administrators, who are often the frontline when an incident occurs but, due to staffing and budget constraints, do not have the necessary knowledge to respond effectively. The book’s companion material, now available online, contains significant new and updated materials (movies, spreadsheets, code, etc.) not available anywhere else, because they are created and maintained by the author.

Key Features

  • Best-Selling Windows Digital Forensic book completely updated in this 2nd Edition
  • Learn how to Analyze Data During Live and Post-Mortem Investigations
  • DVD Includes Custom Tools, Updated Code, Movies, and Spreadsheets!

Readership

Digital forensic investigators, IT security professionals, engineers, and system administrators

Table of Contents

Chapter 1: Live Response: Collecting Volatile Data
Chapter 2: Live Response: Analyzing Volatile Data
Chapter 3: Windows Memory Analysis
Chapter 4: Registry Analysis
Chapter 5: File Analysis
Chapter 6: Executable File Analysis
Chapter 7: Rootkits and Rootkit Detection
Chapter 8: Tying It All Together
Chapter 9: Forensic Analysis on a Budget

Details

Language: English
Imprint: Syngress
eBook ISBN: 9780080957036
Paperback ISBN: 9781597494229

About the Author

Harlan Carvey

Harlan Carvey is a senior information security researcher with the Dell SecureWorks Counter Threat Unit – Special Ops (CTU-SO) team, where his efforts are focused on targeted threat hunting, response, and research. He continues to maintain a passion and focus in analyzing Windows systems, and in particular, the Windows Registry. Harlan is an accomplished author, public speaker, and open source tool author. He dabbles in other activities, including home brewing and horseback riding. As a result, he has become quite adept at backing up and parking a horse trailer. Harlan earned a bachelor’s degree in electrical engineering from the Virginia Military Institute, and a master’s degree in the same discipline from the Naval Postgraduate School. He served in the United States Marine Corps, achieving the rank of captain before departing the service. He resides in Northern Virginia with his family.

Affiliations and Expertise

DFIR analyst, presenter, and open-source tool author
