XBOX 360 Forensics is a complete investigation guide for the XBOX game console. Because the XBOX 360 is no longer just a video game console — it streams movies, connects with social networking sites and chatrooms, transfer files, and more — it just may contain evidence to assist in your next criminal investigation. The digital forensics community has already begun to receive game consoles for examination, but there is currently no map for you to follow as there may be with other digital media. XBOX 360 Forensics provides that map and presents the information in an easy-to-read, easy-to-reference format.
This book is organized into 11 chapters that cover topics such as Xbox 360 hardware; XBOX LIVE; configuration of the console; initial forensic acquisition and examination; specific file types for Xbox 360; Xbox 360 hard drive; post-system update drive artifacts; and XBOX Live redemption code and Facebook.
This book will appeal to computer forensic and incident response professionals, including those in federal government, commercial/private sector contractors, and consultants.
- Game consoles are routinely seized and contain evidence of criminal activity
- Author Steve Bolt wrote the first whitepaper on XBOX investigations
Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.
Chapter 1 The XBOX 360: Why We Need to be Concerned
The XBOX 360
Criminal Uses of the XBOX 360
Poor Man’s Virtual Reality Simulator
Chapter 2 XBOX 360 Hardware
Getting Started with the XBOX 360
Hard Drive Disassembly
Chapter 3 XBOX LIVE
What is XBOX Live?
Creating an XBOX Live Account and Getting Connected
Chapter 4 Configuration of the Console
Network Configuration and Gamertag Recovery
Tour of the Dashboard, Profile Creation, and Gamertag Configuration
Connecting to XBOX Live
Joining XBOX Live
Chapter 5 Initial Forensic Acquisition and Examination
Imaging the Console Hard Drive
A First Look at the Contents of the Drive
Additional Information Located on the Drive
Chapter 6 Xbox 360 - Specific File Types
Chapter 7 XBOX 360 Hard Drive
Examination of the Post-System Updated Drive
PIRS Files After the Initial System Update
CON and LIVE File Examination
New Images Added After the System Update
Chapter 8 Post-System Update Drive Artifacts
Examining the XBOX 360 Hard Drive Using Xplorer360
Xplorer360 and the Post-System Update Drive
Chapter 9 XBOX Live Redemption Code and Facebook
Redeeming the Prepaid Card
XBOX Live Facebook Artifacts
Xplorer360 and Facebook
Chapter 10 Game Play
Xplorer 360 and Game Artifacts
Cache Folder Analysis
XBOX Live Friends
Other Cache Files
Content Folder Changes
Chapter 11 Additional Files and Research Techniques
Additional files, "player_configuration_cache.dat" and "preferences.dat"
Network Traffic Examination
Network Capture Box
Decompiling XEX Files
Additional Tools Available for Analysis
Appendix A Tools Used in this Research
Appendix B List of Products Used to Construct the Off the Shelf Capture Box
Appendix C Removal of the Hard Drive from the New XBOX 360 Slim and Artifacts Pertaining to Data Migration from One Drive to Another
Appendix D Other Publications
- No. of pages:
- © Syngress 2011
- 6th January 2011
- eBook ISBN:
- Paperback ISBN:
Steven Bolt is currently a Sr. Incident Response and Forensics Team Leader for a global corporation. Previously he worked as a Security Operations Center Manager and as a Computer Forensics Leader, Instructor and course developer at the Defense Cyber Investigations Training Academy. He holds several industry certifications.
is a Computer Forensics Leader, and Instructor at the Defence Cyber Investigations Training Academy. He provides instruction and guidance to support the criminal investigators of the DoD and other federal investigators.
"A very timely reference for forensic examiners, with a wealth of tools and processes for all aspects of the Xbox console. The author takes a unique approach of not just relaying details, but guiding the reader along a forensic adventure to explore the Xbox 360."--Brian Baskin, Senior Consultant, cmdLabs
"Xbox 360 Forensics is a handy reference and a good introduction…. [T]his book is not a simple step-by-step walkthrough but a very good starting point for the reader’s own forensic investigations."--Computers and Security