Mastering Python Forensics
English | 30 Oct. 2015 | ISBN: 1783988045 | 192 Pages | MOBI/EPUB/PDF (True) | 64.2 MB
With: Code file
If you are a network security professional or forensics analyst who wants to gain a deeper understanding of performing forensic analysis with Python, then this book is for you. Some Python experience would be helpful.
Master the art of digital forensics and analysis with Python
About This Book
Learn to perform forensic analysis and investigations with the help of Python, and gain an advanced understanding of the various Python libraries and frameworks
Analyze Python scripts to extract metadata and examine forensic artifacts
The writers, Dr. Michael Spreitzenbarth and Dr. Johann Uhrmann, have used their experience to craft this hands-on guide to using Python for forensic analysis and investigations
What You Will Learn
Explore the forensic analysis of different platforms such as Windows, Android, and vSphere
Semi-automatically reconstruct major parts of the system activity and timeline
Leverage Python ctypes for protocol decoding
Examine artifacts from mobile, Skype, and browsers
Discover how to utilize Python to improve the focus of your analysis
Investigate volatile memory with the help of Volatility on the Android and Linux platforms
Digital forensic analysis is the process of examining and extracting data digitally and analyzing it. Python has the combination of power, expressiveness, and ease of use that makes it an essential complementary tool to the traditional, off-the-shelf digital forensic tools.
This book will teach you how to perform forensic analysis and investigations by exploring the capabilities of various Python libraries.
The book starts by explaining the building blocks of the Python programming language, especially ctypes in depth, along with how to automate typical tasks in file system analysis, common correlation tasks to discover anomalies, as well as templates for investigations. Next, we'll show you cryptographic algorithms that can be used during forensic investigations to check for known files or to compare suspicious files with online services such as VirusTotal or Mobile-Sandbox.
Moving on, you'll learn how to sniff on the network, generate and analyze network flows, and perform log correlation with the help of Python scripts and tools. You'll get to know about the concepts of virtualization and how virtualization influences IT forensics, and you'll discover how to perform forensic analysis of a jailbroken/rooted mobile device that is based on iOS or Android.
Finally, the book teaches you how to analyze volatile memory and search for known malware samples based on YARA rules.
Style and approach
This easy-to-follow guide will demonstrate forensic analysis techniques by showing you how to solve real-world scenarios step by step.