Windows Forensic Analysis Toolkit 3rd Edition

Description

Now in its third edition, Harlan Carvey has updated Windows Forensic Analysis Toolkit to cover Windows 7 systems. The primary focus of this edition is on analyzing Windows 7 systems and on processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. New to this edition, the companion and toolkit materials are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, 2nd Ed. (ISBN: 9781597494229), which focuses primarily on XP.

* Complete coverage and examples on Windows 7 systems

* Contains Lessons from the Field, Case Studies, and War Stories

* Companion online material, including electronic printable checklists, cheat sheets, free custom tools, and walk-through demos

CONTENTS:

Chapter 1: Analysis Concepts

Chapter 2: Immediate Response

Chapter 3: Volume Shadow Copies

Chapter 4: File Analysis

Chapter 5: Registry Analysis

Chapter 6: Malware Detection

Chapter 7: Timeline Analysis

Chapter 8: Application Analysis