
Windows forensic analysis DVD toolkit 2E / Harlan Carvey ; Eoghan Casey, technical editor.

Material type: Text
Publication details: Burlington, MA : Syngress Pub., c2009.
Edition: 2nd ed
Description: xxiv, 482 p. : ill. ; 24 cm. + 1 DVD (12 cm.)
ISBN:
  • 1597494224 (pbk. )
  • 9781597494229 (pbk. )
DDC classification:
  • 005.8 CAR
Contents:
Live response : collecting volatile data -- Live response : data analysis -- Windows memory analysis -- Registry analysis -- File analysis -- Executable file analysis -- Rootkits and rootkit detection -- Tying it all together -- Performing analysis on a budget.
Holdings
Item type: Standard Loan
Current library: Moylish Library Main Collection
Call number: 005.8 CAR
Copy number: 1
Status: Available
Date due:
Barcode: 39002100476051

Enhanced descriptions from Syndetics:

Windows Forensic Analysis DVD Toolkit, Second Edition, is a completely updated and expanded version of Harlan Carvey's best-selling forensics book on incident response and investigating cybercrime on Windows systems. With this book, you will learn how to analyze data during live and post-mortem investigations.

New to this edition is Forensic Analysis on a Budget, which collects freely available tools that are essential for small labs, state (or below) law enforcement, and educational organizations. The book also includes new pedagogical elements, Lessons from the Field, Case Studies, and War Stories that present real-life experiences by an expert in the trenches, making the material real and showing the why behind the how. The companion DVD contains significant, and unique, materials (movies, spreadsheet, code, etc.) not available anyplace else because they were created by the author.

This book will appeal to digital forensic investigators, IT security professionals, engineers, and system administrators as well as students and consultants.

Includes bibliographical references and index.

Table of contents provided by Syndetics

  • Chapter 1 Live Response: Collecting Volatile Data
  • Chapter 2 Live Response: Analyzing Volatile Data
  • Chapter 3 Windows Memory Analysis
  • Chapter 4 Registry Analysis
  • Chapter 5 File Analysis
  • Chapter 6 Executable File Analysis
  • Chapter 7 Rootkits and Rootkit Detection
  • Chapter 8 Tying It All Together
  • Chapter 9 Forensic Analysis on a Budget
  • Completely new chapter, not in previous edition

Author notes provided by Syndetics

Harlan Carvey is a senior information security researcher with the Dell SecureWorks Counter Threat Unit - Special Ops (CTU-SO) team, where his efforts are focused on targeted threat hunting, response, and research. He continues to maintain a passion and focus in analyzing Windows systems, and in particular, the Windows Registry.

Harlan is an accomplished author, public speaker, and open source tool author. He dabbles in other activities, including home brewing and horseback riding. As a result, he has become quite adept at backing up and parking a horse trailer.

Harlan earned a bachelor's degree in electrical engineering from the Virginia Military Institute, and a master's degree in the same discipline from the Naval Postgraduate School. He served in the United States Marine Corps, achieving the rank of captain before departing the service. He resides in Northern Virginia with his family.