舉報 
會員
Python Digital Forensics Cookbook
最新章節:
Conclusion
Ifyouareadigitalforensicsexaminer,cybersecurityspecialist,oranalystatheart,understandthebasicsofPython,andwanttotakeittothenextlevel,thisisthebookforyou.Alongtheway,youwillbeintroducedtoanumberoflibrariessuitableforparsingforensicartifacts.Readerswillbeabletouseandbuilduponthescriptswedeveloptoelevatetheiranalysis.
最新章節
- Conclusion
- There's more...
- How it works...
- How to do it...
- Getting started
- Dissecting the SRUM database
品牌:中圖公司
上架時間:2021-07-08 09:23:21
出版社:Packt Publishing
本書數字版權由中圖公司提供,并由其授權上海閱文信息技術有限公司制作發行
- Conclusion 更新時間:2021-07-08 10:34:51
- There's more...
- How it works...
- How to do it...
- Getting started
- Dissecting the SRUM database
- There's more...
- How it works...
- How to do it...
- Getting started
- Shadow of a former self
- There's more...
- How it works...
- How to do it...
- Getting started
- Indexing internet history
- There's more...
- How it works...
- How to do it...
- Getting started
- A series of fortunate events
- There's more...
- How it works...
- How to do it...
- Getting started
- Parsing prefetch files
- Introduction
- Exploring Windows Forensic Artifacts Recipes - Part II
- There's more...
- How it works...
- How to do it...
- Getting started
- Searching high and low
- There's more...
- How it works...
- How to do it...
- Getting started
- The missing link
- There's more...
- How it works...
- How to do it...
- Getting started
- Gathering user activity
- There's more...
- How it works...
- How to do it...
- Getting started
- Reading the registry
- How it works...
- How to do it...
- Getting started
- A sticky situation
- How it works...
- How to do it...
- Getting started
- One man's trash is a forensic examiner's treasure
- Introduction
- Exploring Windows Forensic Artifacts Recipes - Part I
- There's more...
- How it works...
- How to do it...
- Getting started
- Searching for hashes
- How it works...
- How to do it...
- Getting started
- Processing files within the container
- There's more...
- How it works...
- How to do it...
- Getting started
- Iterating through files
- How it works...
- How to do it...
- Getting started
- Gathering acquisition and media information
- How it works...
- How to do it...
- Getting started
- Opening acquisitions
- Introduction
- Working with Forensic Evidence Container Recipes
- How it works...
- How to do it...
- Getting started
- Scanning for indicators with YARA
- How it works...
- How to do it...
- Getting started
- Adding daily.out parsing to Axiom
- How it works...
- How to do it...
- Getting started
- Interpreting the daily.out log
- There's more...
- How it works...
- How to do it...
- Getting started
- Going spelunking
- There's more...
- How it works...
- How to do it...
- Getting started
- Parsing IIS web logs with RegEx
- There's more...
- How it works...
- How to do it...
- Getting started
- About time
- Introduction
- Log-Based Artifact Recipes
- See also
- There’s more...
- How it works...
- How to do it...
- Getting started
- Parsing PST and OST mailboxes
- How it works...
- How to do it...
- Getting started
- What’s in the box?!
- There’s more...
- How it works...
- How to do it...
- Getting started
- Ordering Takeout
- See also
- There’s more...
- How it works...
- How to do it...
- Getting started
- Viewing MSG files
- How it works...
- How to do it...
- Getting started
- Parsing EML files
- Introduction
- Reading Emails and Taking Names Recipes
- How it works...
- How to do it...
- Getting started
- Totally passive
- How it works...
- How to do it...
- Getting started
- Gathering intel
- How it works...
- How to do it...
- Getting started
- Going hunting for viruses
- There's more...
- How it works...
- How to do it...
- Getting started
- Beautiful Soup
- How it works...
- How to do it...
- Getting started
- Coming into contact with IEF
- How it works...
- How to do it...
- Getting started
- Getting a jump start with IEF
- Introduction
- Networking and Indicators of Compromise Recipes
- There's more...
- How it works...
- How to do it...
- Getting started
- Integrating our metadata extractor with EnCase
- How it works...
- How to do it...
- Getting started
- Reading office document metadata
- There's more...
- How it works...
- How to do it...
- Getting started
- Reviewing executable metadata
- There's more...
- How it works...
- How to do it...
- Getting started
- Mining for PDF metadata
- There's more...
- How it works...
- How to do it...
- Getting started
- The big picture
- There's more...
- How it works...
- How to do it...
- Getting started
- Extracting audio and video metadata
- Introduction
- Extracting Embedded Metadata Recipes
- There's more…
- How it works...
- How to do it...
- Getting started
- Digging deep to recover messages
- How it works...
- How to do it...
- Getting started
- Putting Wi-Fi on the map
- There's more...
- How it works...
- How to do it...
- Getting started
- Processing iTunes backups
- See also
- How it works...
- How to do it...
- Getting started
- Identifying gaps in SQLite databases
- How it works...
- How to do it...
- Getting started
- Handling SQLite databases
- There's more…
- How it works...
- How to do it...
- Getting started
- Parsing PLIST files
- Introduction
- A Deep Dive into Mobile Forensic Recipes
- There's more...
- How it works...
- How to do it...
- Getting started
- Auditing your work
- How it works...
- How to do it...
- Getting started
- Visualizing events with Excel
- There's more...
- How it works...
- How to do it...
- Getting started
- Working with CSVs
- There's more...
- How it works...
- How to do it...
- Getting started
- Creating a paper trail
- There's more...
- How it works...
- How to do it...
- Getting started
- Using HTML templates
- Introduction
- Creating Artifact Report Recipes
- There's more…
- How it works…
- How to do it…
- Getting started
- Multiple hands make light work
- There’s more…
- How it works…
- How to do it…
- Getting started
- Logging results
- There's more…
- How it works…
- How to do it…
- Getting started
- Keeping track with a progress bar
- There's more…
- How it works…
- How to do it…
- Getting started
- Hashing files and data streams
- There's more…
- How it works…
- How to do it…
- Getting started
- Copying files attributes and timestamps
- There's more…
- How it works…
- How to do it…
- Getting started
- Recording file attributes
- There's more…
- How it works…
- How to do it…
- Getting started
- Iterating over loose files
- There's more…
- How it works…
- How to do it…
- Getting started
- Handling arguments like an adult
- Introduction
- Essential Scripting and File Information Recipes
- Questions
- Piracy
- Errata
- Downloading the color images of this book
- Downloading the example code
- Customer support
- Reader feedback
- Conventions
- See also
- There's more…
- How it works…
- How to do it…
- Getting ready
- Sections
- Who this book is for
- What you need for this book
- What this book covers
- Preface
- Dedication
- Customer Feedback
- Why subscribe?
- www.PacktPub.com
- About the Reviewer
- About the Authors
- Credits
- Python Digital Forensics Cookbook
- Copyright
- Title Page
- coverpage
- coverpage
- Title Page
- Copyright
- Python Digital Forensics Cookbook
- Credits
- About the Authors
- About the Reviewer
- www.PacktPub.com
- Why subscribe?
- Customer Feedback
- Dedication
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Sections
- Getting ready
- How to do it…
- How it works…
- There's more…
- See also
- Conventions
- Reader feedback
- Customer support
- Downloading the example code
- Downloading the color images of this book
- Errata
- Piracy
- Questions
- Essential Scripting and File Information Recipes
- Introduction
- Handling arguments like an adult
- Getting started
- How to do it…
- How it works…
- There's more…
- Iterating over loose files
- Getting started
- How to do it…
- How it works…
- There's more…
- Recording file attributes
- Getting started
- How to do it…
- How it works…
- There's more…
- Copying files attributes and timestamps
- Getting started
- How to do it…
- How it works…
- There's more…
- Hashing files and data streams
- Getting started
- How to do it…
- How it works…
- There's more…
- Keeping track with a progress bar
- Getting started
- How to do it…
- How it works…
- There's more…
- Logging results
- Getting started
- How to do it…
- How it works…
- There’s more…
- Multiple hands make light work
- Getting started
- How to do it…
- How it works…
- There's more…
- Creating Artifact Report Recipes
- Introduction
- Using HTML templates
- Getting started
- How to do it...
- How it works...
- There's more...
- Creating a paper trail
- Getting started
- How to do it...
- How it works...
- There's more...
- Working with CSVs
- Getting started
- How to do it...
- How it works...
- There's more...
- Visualizing events with Excel
- Getting started
- How to do it...
- How it works...
- Auditing your work
- Getting started
- How to do it...
- How it works...
- There's more...
- A Deep Dive into Mobile Forensic Recipes
- Introduction
- Parsing PLIST files
- Getting started
- How to do it...
- How it works...
- There's more…
- Handling SQLite databases
- Getting started
- How to do it...
- How it works...
- Identifying gaps in SQLite databases
- Getting started
- How to do it...
- How it works...
- See also
- Processing iTunes backups
- Getting started
- How to do it...
- How it works...
- There's more...
- Putting Wi-Fi on the map
- Getting started
- How to do it...
- How it works...
- Digging deep to recover messages
- Getting started
- How to do it...
- How it works...
- There's more…
- Extracting Embedded Metadata Recipes
- Introduction
- Extracting audio and video metadata
- Getting started
- How to do it...
- How it works...
- There's more...
- The big picture
- Getting started
- How to do it...
- How it works...
- There's more...
- Mining for PDF metadata
- Getting started
- How to do it...
- How it works...
- There's more...
- Reviewing executable metadata
- Getting started
- How to do it...
- How it works...
- There's more...
- Reading office document metadata
- Getting started
- How to do it...
- How it works...
- Integrating our metadata extractor with EnCase
- Getting started
- How to do it...
- How it works...
- There's more...
- Networking and Indicators of Compromise Recipes
- Introduction
- Getting a jump start with IEF
- Getting started
- How to do it...
- How it works...
- Coming into contact with IEF
- Getting started
- How to do it...
- How it works...
- Beautiful Soup
- Getting started
- How to do it...
- How it works...
- There's more...
- Going hunting for viruses
- Getting started
- How to do it...
- How it works...
- Gathering intel
- Getting started
- How to do it...
- How it works...
- Totally passive
- Getting started
- How to do it...
- How it works...
- Reading Emails and Taking Names Recipes
- Introduction
- Parsing EML files
- Getting started
- How to do it...
- How it works...
- Viewing MSG files
- Getting started
- How to do it...
- How it works...
- There’s more...
- See also
- Ordering Takeout
- Getting started
- How to do it...
- How it works...
- There’s more...
- What’s in the box?!
- Getting started
- How to do it...
- How it works...
- Parsing PST and OST mailboxes
- Getting started
- How to do it...
- How it works...
- There’s more...
- See also
- Log-Based Artifact Recipes
- Introduction
- About time
- Getting started
- How to do it...
- How it works...
- There's more...
- Parsing IIS web logs with RegEx
- Getting started
- How to do it...
- How it works...
- There's more...
- Going spelunking
- Getting started
- How to do it...
- How it works...
- There's more...
- Interpreting the daily.out log
- Getting started
- How to do it...
- How it works...
- Adding daily.out parsing to Axiom
- Getting started
- How to do it...
- How it works...
- Scanning for indicators with YARA
- Getting started
- How to do it...
- How it works...
- Working with Forensic Evidence Container Recipes
- Introduction
- Opening acquisitions
- Getting started
- How to do it...
- How it works...
- Gathering acquisition and media information
- Getting started
- How to do it...
- How it works...
- Iterating through files
- Getting started
- How to do it...
- How it works...
- There's more...
- Processing files within the container
- Getting started
- How to do it...
- How it works...
- Searching for hashes
- Getting started
- How to do it...
- How it works...
- There's more...
- Exploring Windows Forensic Artifacts Recipes - Part I
- Introduction
- One man's trash is a forensic examiner's treasure
- Getting started
- How to do it...
- How it works...
- A sticky situation
- Getting started
- How to do it...
- How it works...
- Reading the registry
- Getting started
- How to do it...
- How it works...
- There's more...
- Gathering user activity
- Getting started
- How to do it...
- How it works...
- There's more...
- The missing link
- Getting started
- How to do it...
- How it works...
- There's more...
- Searching high and low
- Getting started
- How to do it...
- How it works...
- There's more...
- Exploring Windows Forensic Artifacts Recipes - Part II
- Introduction
- Parsing prefetch files
- Getting started
- How to do it...
- How it works...
- There's more...
- A series of fortunate events
- Getting started
- How to do it...
- How it works...
- There's more...
- Indexing internet history
- Getting started
- How to do it...
- How it works...
- There's more...
- Shadow of a former self
- Getting started
- How to do it...
- How it works...
- There's more...
- Dissecting the SRUM database
- Getting started
- How to do it...
- How it works...
- There's more...
- Conclusion 更新時間:2021-07-08 10:34:51
