
Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology PDF

347 Pages·2014·9.414 MB·English

Preview Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology

Python Forensics
A Workbench for Inventing and Sharing Digital Forensic Technology

Chet Hosmer
Technical Editor: Gary C. Kessler

AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO

Syngress is an Imprint of Elsevier

Acquiring Editor: Steve Elliot
Editorial Project Manager: Benjamin Rearick
Project Manager: Priya Kumaraguruparan
Designer: Mark Rogers

Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA

Copyright © 2014 Elsevier Inc. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.

Library of Congress Cataloging-in-Publication Data
Application Submitted

British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library

ISBN: 978-0-12-418676-7

For information on all Syngress publications, visit our website at store.elsevier.com/syngress

Printed and bound in the United States of America

To my wife Janet, for your love, kindness, patience, and inspiration that you give every day. I am the luckiest guy in the world.

Acknowledgments

My sincere thanks go to:

Dr. Gary Kessler, the technical editor for this book. Gary, your insights, fresh perspective, deep technical understanding, and guidance added great value to the book. Your constant encouragement and friendship made the process enjoyable.

Ben Rearick and Steve Elliot at Elsevier, for your enthusiasm for this topic and all the guidance and support along the way. This spirit helped more than you can know.

The many teachers that I have had over the years in software development and forensics that have helped shape the content of this book. Ron Stevens, Tom Hurbanek, Mike Duren, Allen Guillen, Rhonda Caracappa, Russ Rogers, Jordon Jacobs, Tony Reyes, Amber Schroader, and Greg Kipper.

Joe Giordano, who had the vision in 1998 to create the first U.S. Air Force research contract to study forensic information warfare. This one contract was the catalyst for many new companies, novel innovations in the field, the establishment of the digital forensic research workshop (DFRWS), and the computer forensic research and development center at Utica College. You are a true pioneer.

Endorsements

“Not only does Hosmer provide an outstanding Python forensics guide for all levels of forensics analysis, but also he insightfully illustrates the foundation of a rich collaborative environment that significantly advances the forensic capabilities of the individual, organization, and forensic community as a whole. For analysts, investigators, managers, researchers, academics, and anyone else with an interest in digital forensics: this is a must read!”
Michael Duren (CISSP), Founder of Cyber Moxie

“With today’s rapid changes in technology digital forensics tools and practices are being forced to change quickly just to remain partially effective; and the technical skills investigators relied on yesterday are quickly becoming obsolete. However, with new technology comes new tools and methods, and the Python language is in one of the best possible positions to be leveraged by investigators. Python Forensics is quite simply a book that is ahead of its time, and because of this, it is the perfect book for both the beginner and the experienced investigator. Chet Hosmer does a great job of helping the reader refresh older skills and create new ones by offering step-by-step instructions and intelligently framing the information for maximum understanding and contextual awareness. The skills you will learn from Python Forensics will help you develop a flexible and innovative toolkit that will be usable for years to come.”
Greg Kipper, Senior Security Architect and Strategist at Verizon

“This book presents a refreshing, realistic view on the use of Python within modern, digital forensics; including valuable insight into the strengths and weaknesses of the language that every knowledgeable forensics investigator should understand.”
Russ Rogers, President of Peak Security, Inc.

“This book is extremely useful for the forensic Python programmer also for those with little or no programming experience, and an excellent reference cookbook for the experienced programmer. The book considers issues relating to Daubert including testing and validation which is vital for the accreditation of forensic solutions.”
Zeno Geradts, Senior Forensic Scientist and R&D coordinator at the Netherlands Forensic Institute
