XBOX 360 Forensics

XBOX 360 Forensics

A Digital Forensics Guide to Examining Artifacts

1st Edition - January 6, 2011

Write a review

  • Author: Steven Bolt
  • eBook ISBN: 9781597496247
  • Paperback ISBN: 9781597496230

Purchase options

Purchase options
DRM-free (Mobi, EPub, PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


XBOX 360 Forensics is a complete investigation guide for the XBOX game console. Because the XBOX 360 is no longer just a video game console — it streams movies, connects with social networking sites and chatrooms, transfer files, and more — it just may contain evidence to assist in your next criminal investigation. The digital forensics community has already begun to receive game consoles for examination, but there is currently no map for you to follow as there may be with other digital media. XBOX 360 Forensics provides that map and presents the information in an easy-to-read, easy-to-reference format.This book is organized into 11 chapters that cover topics such as Xbox 360 hardware; XBOX LIVE; configuration of the console; initial forensic acquisition and examination; specific file types for Xbox 360; Xbox 360 hard drive; post-system update drive artifacts; and XBOX Live redemption code and Facebook.This book will appeal to computer forensic and incident response professionals, including those in federal government, commercial/private sector contractors, and consultants.

Key Features

  • Game consoles are routinely seized and contain evidence of criminal activity
  • Author Steve Bolt wrote the first whitepaper on XBOX investigations


Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.

Table of Contents

  • Chapter 1 The XBOX 360: Why We Need to be Concerned


    The XBOX 360

    Criminal Uses of the XBOX 360

    Poor Man’s Virtual Reality Simulator



    Chapter 2 XBOX 360 Hardware

    Getting Started with the XBOX 360

    Technical Specifications

    Hard Drive Disassembly



    Chapter 3 XBOX LIVE


    What is XBOX Live?

    Creating an XBOX Live Account and Getting Connected



    Chapter 4 Configuration of the Console


    Getting Started

    Network Configuration and Gamertag Recovery

    Tour of the Dashboard, Profile Creation, and Gamertag Configuration

    Connecting to XBOX Live

    Joining XBOX Live


    Chapter 5 Initial Forensic Acquisition and Examination

    Imaging the Console Hard Drive

    A First Look at the Contents of the Drive

    Additional Information Located on the Drive



    Chapter 6 Xbox 360 - Specific File Types

    XBOX Content



    Chapter 7 XBOX 360 Hard Drive

    Initial Differences

    Examination of the Post-System Updated Drive

    PIRS Files After the Initial System Update

    CON and LIVE File Examination

    New Images Added After the System Update

    Other Artifacts


    Chapter 8 Post-System Update Drive Artifacts

    Examining the XBOX 360 Hard Drive Using Xplorer360

    Getting Started

    Xplorer360 and the Post-System Update Drive

    Cache Folder

    Content Folder

    Mindex folder



    Chapter 9 XBOX Live Redemption Code and Facebook

    XBOX Live

    Redeeming the Prepaid Card


    XBOX Live Facebook Artifacts

    Xplorer360 and Facebook



    Chapter 10 Game Play


    Game Artifacts

    Xplorer 360 and Game Artifacts

    Cache Folder Analysis

    XBOX Live Friends

    Other Cache Files

    Content Folder Changes


    Chapter 11 Additional Files and Research Techniques


    Additional files, "player_configuration_cache.dat" and "preferences.dat"

    Network Traffic Examination

    Network Capture Box

    Decompiling XEX Files

    Additional Tools Available for Analysis



    Appendix A Tools Used in this Research

    Appendix B List of Products Used to Construct the Off the Shelf Capture Box

    Appendix C Removal of the Hard Drive from the New XBOX 360 Slim and Artifacts Pertaining to Data Migration from One Drive to Another

    Appendix D Other Publication

Product details

  • No. of pages: 304
  • Language: English
  • Copyright: © Syngress 2011
  • Published: January 6, 2011
  • Imprint: Syngress
  • eBook ISBN: 9781597496247
  • Paperback ISBN: 9781597496230

About the Author

Steven Bolt

Steven Bolt is currently a Sr. Incident Response and Forensics Team Leader for a global corporation. Previously he worked as a Security Operations Center Manager and as a Computer Forensics Leader, Instructor and course developer at the Defense Cyber Investigations Training Academy. He holds several industry certifications.

Affiliations and Expertise

Computer Forensics Leader, Instructor at the Defence Cyber Investigations Training Academy

Ratings and Reviews

Write a review

There are currently no reviews for "XBOX 360 Forensics"