Join Books.org — it's free
Home > Books > Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 by Harlan Carvey — book cover
Information Technology

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7

by Harlan Carvey
Write a review
Log in to track your reading progress.

Overview

Now in its third edition, Harlan Carvey has updated Windows Forensic Analysis Toolkit to cover Windows 7 systems. The primary focus of this edition is on analyzing Windows 7 systems and on processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. New to this edition, the companion and toolkit materials are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, 2nd Ed. (ISBN: 9781597494229), which focuses primarily on XP.

  • Complete coverage and examples on Windows 7 systems
  • Contains Lessons from the Field, Case Studies, and War Stories
  • Companion online material, including electronic printable checklists, cheat sheets, free custom tools, and walk-through demos

About the Author, Harlan Carvey

Harlan Carvey (CISSP) is a Vice President of Advanced Security Projects with Terremark Worldwide, Inc. Terremark is a leading global provider of IT infrastructure and “cloud computing” services, based in Miami, FL. Harlan is a key contributor to the Engagement Services practice, providing disk forensics analysis, consulting, and training services to both internal and external customers. Harlan has provided forensic analysis services for the hospitality industry, financial institutions, as well as federal government and law enforcement agencies. Harlan’s primary areas of interest include research and development of novel analysis solutions, with a focus on Windows platforms. Harlan holds a bachelor’s degree in electrical engineering from the Virginia Military Institute and a master’s degree in the same discipline from the Naval Postgraduate School. Harlan resides in Northern Virginia with his family.

Reviews

There are no reviews yet. Log in to write one.

Editorials

From the Publisher

"Harlan has done it again! Continuing in the tradition of excellence established by the previous editions, Windows Forensics Analysis Toolkit 3e is an indispensable resource for any forensic examiner. Whether you're a seasoned veteran or just starting out, this work is required reading. WFA3e will maintain a perennial spot on my core reference bookshelf!"--Cory Altheide, Google

"Windows Forensic Analysis Toolkit 3rd Edition provides a wealth of important information for new and old practitioners alike. Not only does it provide a great overview of artifacts of interest on Windows 7 systems, but it also presents plenty of technology independent concepts that play an important role in any investigation. Feel free to place a copy on your shelf next to WFA 2ed and WRF."--Digital4rensics.com

"The third edition of this reference for system administrators, digital forensic analysts, students, and law enforcement does not replace the second edition, but rather serves as a companion. Coverage encompasses areas such as immediate response, volume shadow copies, file and registry analysis, malware detection, and application analysis. Learning features include b&w screenshots, tip and warning boxes, code (also available on a website), case studies, and 'war stories' from the field. The tools described throughout the book are written in the Perl scripting language, but readers don't need to be experts in Perl, and most of the scripts are accompanied by Windows executables found online. For this third edition, a companion website provides printable checklists, cheat sheets, custom tools, and demos."--Reference and Research Book News, Inc.

"There is a good reason behind the success of the previous editions of this book, and it has to do with two things: new Windows versions are different enough from previous ones to warrant a new edition and, most importantly, the author is simply that good at explaining things. This edition is no different."--HelpNetSecurity

Book Details

Published
February 10, 2012
Publisher
Elsevier Science
Pages
296
Format
Paperback
ISBN
9781597497275

More by Harlan Carvey

Windows Forensic Analysis DVD Toolkit
Windows Forensic Analysis DVD Toolkit
Windows Forensics and Incident Recovery
Windows Forensics and Incident Recovery
Perl Scripting for IT Security
Perl Scripting for IT Security

Similar books

The Real-Time Enterprise: Competing on Time with the Revolutionary Business SEx Machine
The Real-Time Enterprise: Competing on Time with the Revolutionary Business SEx Machine
Process Innovation: Reengineering Work Through Information Technology
Process Innovation: Reengineering Work Through Information Technology
Digital Capital: Harnessing the Power of Business Webs
Digital Capital: Harnessing the Power of Business Webs
Nanoelectronics and Information Technology: Advanced Electronic Materials and Novel Devices
Nanoelectronics and Information Technology: Advanced Electronic Materials and Novel Devices
Information Technology and Libraries
Information Technology and Libraries
Breakthrough Change Management: How to Get Enduring Change Results
Breakthrough Change Management: How to Get Enduring Change Results
Information Multiplicity: American Fiction in the Age of Media Saturation
Information Multiplicity: American Fiction in the Age of Media Saturation
Careers in Information Technology
Careers in Information Technology
Communication: The Impact of Science and Technology
Communication: The Impact of Science and Technology
Information Society And The Black Community
Information Society And The Black Community