Digital Forensics with Open Source Tools

Author: Cory Altheide
Publisher: Elsevier
ISBN: 9781597495875
Format: PDF
Download Now
Digital Forensics with Open Source Tools is the definitive book on investigating and analyzing computer systems and media using open source tools. The book is a technical procedural guide, and explains the use of open source tools on Mac, Linux and Windows systems as a platform for performing computer forensics. Both well-known and novel forensic methods are demonstrated using command-line and graphical open source computer forensic tools for examining a wide range of target systems and artifacts. Written by world-renowned forensic practitioners, this book uses the most current examination and analysis techniques in the field. It consists of 9 chapters that cover a range of topics such as the open source examination platform; disk and file system analysis; Windows systems and artifacts; Linux systems and artifacts; Mac OS X systems and artifacts; Internet artifacts; and automating analysis and extending capabilities. The book lends itself to use by students and those entering the field who do not have means to purchase new tools for different investigations. This book will appeal to forensic practitioners from areas including incident response teams and computer forensic investigators; forensic technicians from legal, audit, and consulting firms; and law enforcement agencies. Written by world-renowned forensic practitioners Details core concepts and techniques of forensic file system analysis Covers analysis of artifacts from the Windows, Mac, and Linux operating systems

Open Source Software for Digital Forensics

Author: Ewa Huebner
Publisher: Springer Science & Business Media
ISBN: 9781441958037
Format: PDF, ePub, Mobi
Download Now
Open Source Software for Digital Forensics is the first book dedicated to the use of FLOSS (Free Libre Open Source Software) in computer forensics. It presents the motivations for using FLOSS applications as tools for collection, preservation and analysis of digital evidence in computer and network forensics. It also covers extensively several forensic FLOSS tools, their origins and evolution. Open Source Software for Digital Forensics is based on the OSSCoNF workshop, which was held in Milan, Italy, September 2008 at the World Computing Congress, co-located with OSS 2008. This edited volume is a collection of contributions from researchers and practitioners world wide. Open Source Software for Digital Forensics is designed for advanced level students and researchers in computer science as a secondary text and reference book. Computer programmers, software developers, and digital forensics professionals will also find this book to be a valuable asset.

Hacking mit Security Onion

Author: Chris Sanders
Publisher: Franzis Verlag
ISBN: 3645204962
Format: PDF, Kindle
Download Now
Sie können noch so viel in Hardware, Software und Abwehrmechanismen investieren, absolute Sicherheit für Ihre IT-Infrastruktur wird es nicht geben. Wenn Hacker sich wirklich anstrengen, werden sie auch in Ihr System gelangen. Sollte das geschehen, müssen Sie sowohl technisch als auch organisatorisch so aufgestellt sein, dass Sie die Gegenwart eines Hackers erkennen und darauf reagieren können. Sie müssen in der Lage sein, einen Zwischenfall zu deklarieren und die Angreifer aus Ihrem Netzwerk zu vertreiben, bevor sie erheblichen Schaden anrichten. Das ist Network Security Monitoring (NSM). Lernen Sie von dem leitenden Sicherheitsanalytiker Sanders die Feinheiten des Network Security Monitoring kennen. Konzepte verstehen und Network Security Monitoring mit Open-Source-Tools durchführen: Lernen Sie die drei NSM-Phasen kennen, um diese in der Praxis anzuwenden. Die praktische Umsetzung der NSM erfolgt mit vielen Open-Source-Werkzeugen wie z. B. Bro, Daemonlogger, Dumpcap, Justniffer, Honeyd, Httpry, Netsniff-NG, Sguil, SiLK, Snorby Snort, Squert, Suricata, TShark und Wireshark. Anhand von ausführlichen Beispielen lernen Sie, die Tools effizient in Ihrem Netzwerk einzusetzen.

The Basics of Digital Forensics

Author: John Sammons
Publisher: Syngress
ISBN: 0128018925
Format: PDF
Download Now
The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book teaches you how to conduct examinations by discussing what digital forensics is, the methodologies used, key tactical concepts, and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet are discussed. Also, learn how to collect evidence, document the scene, and how deleted data can be recovered. The new Second Edition of this book provides you with completely up-to-date real-world examples and all the key technologies used in digital forensics, as well as new coverage of network intrusion response, how hard drives are organized, and electronic discovery. You'll also learn how to incorporate quality assurance into an investigation, how to prioritize evidence items to examine (triage), case processing, and what goes into making an expert witness. The Second Edition also features expanded resources and references, including online resources that keep you current, sample legal documents, and suggested further reading. Learn what Digital Forensics entails Build a toolkit and prepare an investigative plan Understand the common artifacts to look for in an exam Second Edition features all-new coverage of hard drives, triage, network intrusion response, and electronic discovery; as well as updated case studies, expert interviews, and expanded resources and references

Windows Registry Forensics

Author: Harlan Carvey
Publisher: Elsevier
ISBN: 9781597495813
Format: PDF, ePub, Docs
Download Now
Windows Registry Forensics provides the background of the Windows Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included, and tools and techniques for postmortem analysis are discussed at length. Tools and techniques are presented that take the student and analyst beyond the current use of viewers and into real analysis of data contained in the Registry, demonstrating the forensic value of the Registry. Named a 2011 Best Digital Forensics Book by InfoSec Reviews, this book is packed with real-world examples using freely available open source tools. It also includes case studies and a CD containing code and author-created tools discussed in the book. This book will appeal to computer forensic and incident response professionals, including federal government and commercial/private sector contractors, consultants, etc. Named a 2011 Best Digital Forensics Book by InfoSec Reviews Packed with real-world examples using freely available open source tools Deep explanation and understanding of the Windows Registry – the most difficult part of Windows to analyze forensically Includes a CD containing code and author-created tools discussed in the book

Computer Forensik Hacks

Author: Lorenz Kuhlee
Publisher: O'Reilly Germany
ISBN: 3868991220
Format: PDF
Download Now
Computer-Forensik Hacks ist eine Sammlung von Methoden, Tipps und Tricks – kurz: Hacks – aus allen Bereichen der Computer-Forensik. Die Autoren, die bei der Polizei Forensiker ausbilden, haben praktische Lösungen für echte Problemstellungen aus dem Computer-Forensik-Alltag in kleine, bekömmliche Portionen gepackt, die direkt angewendet werden können. Zu jeder praktischen Lösung gibt es auch das notwendige Hintergrundwissen mit auf den Weg, das benötigt wird, um sowohl das Problem wie auch den Lösungsansatz nachvollziehen zu können. Nicht nur für Forensiker Nicht nur Forensiker müssen heutzutage wissen, wie sie den Zustand eines Computersystems sichern können, damit dies bei späteren Gerichtsverhandlungen juristisch wasserdicht ist. Auch für Systemadministratoren aus der freien Wirtschaft gehört mittlerweile ein computer-forsensisches Grundwissen zum Arbeitsalltag. Und auch Rechtsanwälte benötigen immer wieder Wissen darüber, was bei einer Datensicherung beachtet werden muss. 100 spannende Hacks rund um das Thema Computer-Forensik Computer-Forensik Hacks beginnt mit Hacks zur Vorbereitung und Daten­sicherung, gefolgt von Tipps und Tricks zu Dateisystemen. Der Hauptteil dreht sich um Datenwiederherstellung und das Analysieren der unterschiedlichsten digitalen Spuren, bevor Kapitel zu den Themen Hacking und Virtualisierung folgen. Alle Hacks arbeiten mit Open-Source- oder freier Software Die Hacks in diesem Buch benutzen grundsätzlich kostenlose Software, also Open-Source- oder Freeware Software. Bei wenigen Lösungen verweisen die Autoren aber auch auf Software, die für die Privatnutzung kostenlos, für gewerbliche oder behördliche Nutzung jedoch kostenpflichtig ist. Die beschriebenen Programme laufen durchgängig auf den Betriebssystemen Microsoft Windows oder Linux.

Mehr Hacking mit Python

Author: Justin Seitz
Publisher: dpunkt.verlag
ISBN: 3864917530
Format: PDF, Mobi
Download Now
Wenn es um die Entwicklung leistungsfähiger und effizienter Hacking-Tools geht, ist Python für die meisten Sicherheitsanalytiker die Sprache der Wahl. Doch wie genau funktioniert das? In dem neuesten Buch von Justin Seitz - dem Autor des Bestsellers »Hacking mit Python« - entdecken Sie Pythons dunkle Seite. Sie entwickeln Netzwerk-Sniffer, manipulieren Pakete, infizieren virtuelle Maschinen, schaffen unsichtbare Trojaner und vieles mehr. Sie lernen praktisch, wie man • einen »Command-and-Control«-Trojaner mittels GitHub schafft • Sandboxing erkennt und gängige Malware-Aufgaben wie Keylogging und Screenshotting automatisiert • Windows-Rechte mittels kreativer Prozesskontrolle ausweitet • offensive Speicherforensik-Tricks nutzt, um Passwort-Hashes abzugreifen und Shellcode in virtuelle Maschinen einzuspeisen • das beliebte Web-Hacking-Tool Burp erweitert • die Windows COM-Automatisierung nutzt, um einen Man-in-the-Middle-Angriff durchzuführen • möglichst unbemerkt Daten aus einem Netzwerk abgreift Eine Reihe von Insider-Techniken und kreativen Aufgaben zeigen Ihnen, wie Sie die Hacks erweitern und eigene Exploits entwickeln können.

Windows Forensic Analysis Toolkit

Author: Harlan Carvey
Publisher: Elsevier
ISBN: 1597497282
Format: PDF, ePub, Docs
Download Now
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems. Timely 3e of a Syngress digital forensic bestseller Updated to cover Windows 7 systems, the newest Windows version New online companion website houses checklists, cheat sheets, free tools, and demos

Digital Forensics Explained

Author: Greg Gogolin
Publisher: CRC Press
ISBN: 1439874964
Format: PDF, Kindle
Download Now
The field of computer forensics has experienced significant growth recently and those looking to get into the industry have significant opportunity for upward mobility. Focusing on the concepts investigators need to know to conduct a thorough investigation, Digital Forensics Explained provides an overall description of the forensic practice from a practitioner’s perspective. Starting with an overview, the text describes best practices based on the author’s decades of experience conducting investigations and working in information technology. It illustrates the forensic process, explains what it takes to be an investigator, and highlights emerging trends. Filled with helpful templates and contributions from seasoned experts in their respective fields, the book includes coverage of: Internet and email investigations Mobile forensics for cell phones, iPads, music players, and other small devices Cloud computing from an architecture perspective and its impact on digital forensics Anti-forensic techniques that may be employed to make a forensic exam more difficult to conduct Recoverability of information from damaged media The progression of a criminal case from start to finish Tools that are often used in an examination, including commercial, free, and open-source tools; computer and mobile tools; and things as simple as extension cords Social media and social engineering forensics Case documentation and presentation, including sample summary reports and a cover sheet for a cell phone investigation The text includes acquisition forms, a sequential process outline to guide your investigation, and a checklist of supplies you’ll need when responding to an incident. Providing you with the understanding and the tools to deal with suspects who find ways to make their digital activities hard to trace, the book also considers cultural implications, ethics, and the psychological effects that digital forensics investigations can have on investigators.

File System Forensic Analysis

Author: Brian Carrier
Publisher: Addison-Wesley Professional
ISBN: 9780321268174
Format: PDF, ePub, Mobi
Download Now
Moves beyond the basics and shows how to use tools to recover and analyse forensic evidence.