Title:
Windows forensic analysis toolkit : advanced analysis techniques for Windows 8
Personal Author:
Carvey, Harlan
Edition:
Fourth edition
Publication Information:
Amsterdam ; Boston : Syngress, 2014
Physical Description:
xxi, 321 pages : illustrations ; 24 cm.
ISBN:
9780124171572
General Note:
Includes index
Abstract:
"When I sat down to update the material for this edition, I wanted to not only include new information that I'd found or developed since the third edition was published, but I also wanted to try to include as much information as possible regarding Windows 8 and 8.1. With Windows 8.1 becoming available while I was updating the book, the inevitable questions were being asked, and invariably it won't be long before we start seeing the systems appear on analysts' workbenches. As such, I've tried to provide as much information as I could with respect to newer versions of Windows (i.e., 8 and 8.1), either by writing it directly into the book or linking to the sources of information on the Internet, when attempting to summarize it would simply not do the content justice. Keep in mind, however, that new information is being discovered and developed all the time, and at some point, I needed to stop writing and submit the book for final review and publishing. I'm sure that even more information will become available during the time between when the book goes to the printer, and when it actually comes out on the shelves at bookstores"--provided by publisher

Available:

Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status
30000010343171 HV8079.C65 C374 2014 Open Access Book Book
On Order
Summary

Harlan Carvey has updated Windows Forensic Analysis Toolkit, now in its fourth edition, to cover Windows 8 systems. The primary focus of this edition is on analyzing Windows 8 systems and processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline analysis, and more. Carvey presents real-life experiences from the trenches, making the material realistic and showing the why behind the how.

The companion and toolkit materials are hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, Second Edition, which focuses primarily on Windows XP, and Windows Forensic Analysis Toolkit, Third Edition, which focuses primarily on Windows 7.

This fourth edition also expands coverage of many topics beyond Windows 8, including new cradle-to-grave case examples, USB device analysis, hacking and intrusion cases, and "how would I do this" material drawn from Carvey's personal case files and from questions he has received from readers. The fourth edition also includes an all-new chapter on reporting.


Author Notes

Harlan Carvey is a senior information security researcher with the Dell SecureWorks Counter Threat Unit - Special Ops (CTU-SO) team, where his efforts are focused on targeted threat hunting, response, and research. He continues to maintain a passion for and focus on analyzing Windows systems, and in particular the Windows Registry.

Harlan is an accomplished author, public speaker, and open source tool author. He dabbles in other activities, including home brewing and horseback riding. As a result, he has become quite adept at backing up and parking a horse trailer.

Harlan earned a bachelor's degree in electrical engineering from the Virginia Military Institute, and a master's degree in the same discipline from the Naval Postgraduate School. He served in the United States Marine Corps, achieving the rank of captain before departing the service. He resides in Northern Virginia with his family.


Table of Contents

Analysis Concepts
Immediate Response
Volume Shadow Copies
File Analysis
Registry Analysis
Malware Detection
Timeline Analysis
Application Analysis
Reporting