
X-Ways Forensics Practitioner’s Guide
Description
Key Features
- Provides detailed explanations of the complete forensic investigation processe using X-Ways Forensics.
- Goes beyond the basics: hands-on case demonstrations of never-before-documented features of X-Ways.
- Provides the best resource of hands-on information to use X-Ways Forensics.
Readership
Information Security professionals of all levels, digital forensic examiners and investigators, InfoSec consultants, attorneys, law enforcement officers. Also can sell to forensic training vendors, government training courses, universities, and high-tech crime associations.
Table of Contents
Acknowledgments
About the Authors
Foreword
Introduction
Introduction
Summary
Chapter 1. Installation and Configuration of X-Ways Forensics
Information in this chapter
Introduction
System requirements
Installing XWF
The XWF dongle
The XWF user interface
Configuring XWF
Summary
Reference
Chapter 2. Case Management and Imaging
Information in this chapter
Introduction
Creating a case file
Creating/Adding evidence files
Creating forensic images with XWF
Reverse imaging
Skeleton imaging
Cleansed imaging
CD/DVD
Physical memory imaging
Container files
Working with RAID arrays
Augmenting with F-Response
Shortcuts
Summary
Chapter 3. Navigating the X-Ways Forensics Interface
Information in this chapter
Introduction
Case Data directory tree
Toolbar, tab control, and directory browser options, filters
Directory browser
Mode buttons and Details pane
Status bar
Main menu
General options continued
Volume snapshot options
Viewer programs options continued
Security options
Shortcuts
Summary
Chapter 4. Refine Volume Snapshot
Information in this chapter
Introduction
Volume snapshot options
Starting RVS
RVS options
Results of an RVS
Shortcuts
Summary
Reference
Chapter 5. The XWF Internal Hash Database and the Registry Viewer
Information in this chapter
Introduction
XWF internal hash database and hash sets
The registry through X-Ways forensics
The XWF registry viewer
The XWF registry report
Shortcuts
Summary
Chapter 6. Searching in X-Ways Forensics
Information in this chapter
Introduction
Simultaneous search
Regular expressions
GREP and regular expressions in XWF
Indexed search
Reviewing search hits
Text search
Hexadecimal search
Shortcuts
Summary
Chapter 7. Advanced Use of X-Ways Forensics
Information in this chapter
Introduction
Customizing X-Ways Forensics configuration files
Maneuvering in hex
Timeline and event analysis
Gathering free and slack space
RAM analysis
Scripting, X-Tensions API, and external analysis interface
Shortcuts
Summary
Chapter 8. X-Ways Forensics Reporting
Information in this chapter
Introduction
Adding items to a report table
Comments
Report generation
Report customization
Shortcuts
Summary
Chapter 9. X-Ways Forensics and Electronic Discovery
Information in this chapter
Introduction
Civil litigation
Review of relevant data with X-Ways investigator
Summary
Reference
Chapter 10. X-Ways Forensics and Criminal Investigations
Information in this chapter
Introduction
X-Ways Forensics and criminal investigations
Summary
Reference
Appendix A. X-Ways Forensics Additional Information
Introduction
Online resources
Keyboard shortcuts
Appendix B. X-Ways Forensics How to’s
Frequently asked questions and more XWF tips
Index
Product details
- No. of pages: 264
- Language: English
- Copyright: © Syngress 2013
- Published: August 10, 2013
- Imprint: Syngress
- eBook ISBN: 9780124116221
- Paperback ISBN: 9780124116054
About the Authors
Brett Shavers
Affiliations and Expertise
Eric Zimmerman
Affiliations and Expertise
Ratings and Reviews
There are currently no reviews for "X-Ways Forensics Practitioner’s Guide"