发帖
雷达卡
Mastering Python Forensics
English | 30 Oct. 2015 | ISBN: 1783988045 | 192 Pages | MOBI/EPUB/PDF (True) | 7.4 MB
If you are a network security professional or forensics analyst who wants to gain a deeper understanding of performing forensic analysis with Python, then this book is for you. Some Python experience would be helpful.
Master the art of digital forensics and analysis with Python
About This Book
Learn to perform forensic analysis and investigations with the help of Python, and gain an advanced understanding of the various Python libraries and frameworks
Analyze Python scripts to extract metadata and investigate forensic artifacts
The writers, Dr. Michael Spreitzenbarth and Dr. Johann Uhrmann, have used their experience to craft this hands-on guide to using Python for forensic analysis and investigations
What You Will Learn
Explore the forensic analysis of different platforms such as Windows, Android, and vSphere
Semi-automatically reconstruct major parts of the system activity and time-line
Leverage Python ctypes for protocol decoding
Examine artifacts from mobile, Skype, and browsers
Discover how to utilize Python to improve the focus of your analysis
Investigate in volatile memory with the help of volatility on the Android and Linux platforms
In Detail
Digital forensic analysis is the process of examining and extracting data digitally and examining it. Python has the combination of power, expressiveness, and ease of use that makes it an essential complementary tool to the traditional, off-the-shelf digital forensic tools.
This book will teach you how to perform forensic analysis and investigations by exploring the capabilities of various Python libraries.
The book starts by explaining the building blocks of the Python programming language, especially ctypes in-depth, along with how to automate typical tasks in file system analysis, common correlation tasks to discover anomalies, as well as templates for investigations. Next, we'll show you cryptographic algorithms that can be used during forensic investigations to check for known files or to compare suspicious files with online services such as VirusTotal or Mobile-Sandbox.
Moving on, you'll learn how to sniff on the network, generate and analyze network flows, and perform log correlation with the help of Python scripts and tools. You'll get to know about the concepts of virtualization and how virtualization influences IT forensics, and you'll discover how to perform forensic analysis of a jailbroken/rooted mobile device that is based on iOS or Android.
Finally, the book teaches you how to analyze volatile memory and search for known malware samples based on YARA rules.
Style and approach
This easy-to-follow guide will demonstrate forensic analysis techniques by showing you how to solve real-word-scenarios step by step.
本帖隐藏的内容
Mastering Python Forensics.rar
(7.21 MB, 需要: 5 个论坛币)
本附件包括:- Mastering Python Forensics.epub
- Mastering Python Forensics.mobi
- Mastering Python Forensics.pdf
提升卡
置顶卡
沉默卡
变色卡
抢沙发
千斤顶
显身卡
京公网安备 11010802022788号
