XBOX 360 Forensics

1st Edition

A Digital Forensics Guide to Examining Artifacts

Authors: Steven Bolt
Paperback ISBN: 9781597496230
eBook ISBN: 9781597496247
Imprint: Syngress
Published Date: 6th January 2011
Page Count: 304
45.95 + applicable tax
36.99 + applicable tax
59.95 + applicable tax
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Game consoles have evolved to become complex computer systems that may contain evidence to assist in a criminal investigation. From networking capabilities to chat, voicemail, streaming video and email, the game consoles of today are unrecognizable from complex computer systems. With over 10 million XBOX 360s sold in the United States the likelihood that a criminal investigator encounters an XBOX 360 is a certainty. The digital forensics community has already begun to receive game consoles for examination, but there is no map for them to follow as there may be with other digital media. XBOX 360 Forensics provides that map and present the information for the examiners in an easy to read, easy to read format.

Key Features

  • Game consoles are routinely seized and contain evidence of criminal activity

  • Author Steve Bolt wrote the first whitepaper on XBOX investigations


Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.

Table of Contents

Chapter 1 The XBOX 360: Why We Need to be Concerned


The XBOX 360

Criminal Uses of the XBOX 360

Poor Man’s Virtual Reality Simulator



Chapter 2 XBOX 360 Hardware

Getting Started with the XBOX 360

Technical Specifications

Hard Drive Disassembly



Chapter 3 XBOX LIVE


What is XBOX Live?

Creating an XBOX Live Account and Getting Connected



Chapter 4 Configuration of the Console


Getting Started

Network Configuration and Gamertag Recovery

Tour of the Dashboard, Profile Creation, and Gamertag Configuration

Connecting to XBOX Live

Joining XBOX Live


Chapter 5 Initial Forensic Acquisition and Examination

Imaging the Console Hard Drive

A First Look at the Contents of the Drive

Additional Information Located on the Drive



Chapter 6 Xbox 360 - Specific File Types

XBOX Content



Chapter 7 XBOX 360 Hard Drive

Initial Differences

Examination of the Post-System Updated Drive

PIRS Files After the Initial System Update

CON and LIVE File Examination

New Images Added After the System Update

Other Artifacts


Chapter 8 Post-System Update Drive Artifacts

Examining the XBOX 360 Hard Drive Using Xplorer360

Getting Started

Xplorer360 and the Post-System Update Drive

Cache Folder

Content Folder

Mindex folder



Chapter 9 XBOX Live Redemption Code and Facebook


No. of pages:
© Syngress 2011
eBook ISBN:
Paperback ISBN:

About the Author

Steven Bolt

Steven Bolt is currently a Sr. Incident Response and Forensics Team Leader for a global corporation. Previously he worked as a Security Operations Center Manager and as a Computer Forensics Leader, Instructor and course developer at the Defense Cyber Investigations Training Academy. He holds several industry certifications.

Affiliations and Expertise

is a Computer Forensics Leader, and Instructor at the Defence Cyber Investigations Training Academy. He provides instruction and guidance to support the criminal investigators of the DoD and other federal investigators.


"A very timely reference for forensic examiners, with a wealth of tools and processes for all aspects of the Xbox console. The author takes a unique approach of not just relaying details, but guiding the reader along a forensic adventure to explore the Xbox 360."--Brian Baskin, Senior Consultant, cmdLabs

"Xbox 360 Forensics is a handy reference and a good introduction…. [T]his book is not a simple step-by-step walkthrough but a very good starting point for the reader’s own forensic investigations."--Computers and Security