Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Windows Forensics Cookbook Over 60 practical recipes to acquire memory data and analyze systems with the latest Windows forensic tools

Product type Paperback

Published in Aug 2017

Publisher

ISBN-13 9781784390495

Length 274 pages

Edition 1st Edition

Tools

Windows OS

Concepts

Forensics

Authors (2):

Oleg Skulkin

Scar de Courcier

View More author details

Table of Contents (13) Chapters

Preface

1. Digital Forensics and Evidence Acquisition FREE CHAPTER

2. Windows Memory Acquisition and Analysis

3. Windows Drive Acquisition

4. Windows File System Analysis

5. Windows Shadow Copies Analysis

6. Windows Registry Analysis

7. Main Windows Operating System Artifacts

8. Web Browser Forensics

9. Email and Instant Messaging Forensics

10. Windows 10 Forensics

11. Data Visualization

12. Troubleshooting in Windows Forensic Analysis

Introduction

Memory analysis is a relatively new, but increasingly relevant field. A memory image can be acquired in the same way as a physical image, but by using different tools, some of which will be discussed in this section.

The image can be stored as one of the many formats, depending on the tool used to acquire the image. Once an investigator has the image, they can then analyse the data within it.

One of the main challenges associated with memory forensics is data preservation. Although your only option in a given investigation may be to power down a system and then image the data therein, in reality this ends up having an impact on other potential data sources that might be important later on. It is vital, therefore, to have a thorough understanding of the scene you are investigating and the specific needs of the case before you decide which method to choose. Any time...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at AU $24.99/month. Cancel anytime

Authors (2)

de Courcier

Scar de Courcier is Senior Editor at digital forensics website Forensic Focus. She also works as an independent consultant on online and offline child protection projects. In her spare time, she enjoys swimming, pretending she lives on the USS Voyager, and hanging out with her cat.

See other products by de Courcier

Oleg Skulkin

Oleg Skulkin is the Head of Digital Forensics and Malware Analysis Laboratory at Group-IB. Oleg has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research for over a decade, fueling his passion for uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers, and books on related topics and holds GCFA and GCTI certifications.

See other products by Oleg Skulkin