- Paperback: 512 pages
- Publisher: Syngress; 2 edition (June 11, 2009)
- Language: English
- ISBN-10: 1597494224
- ISBN-13: 978-1597494229
- Product Dimensions: 7.5 x 1.2 x 9 inches
- Shipping Weight: 2 pounds
- Average Customer Review: 37 customer reviews
- Amazon Best Sellers Rank: #821,021 in Books
Windows Forensic Analysis DVD Toolkit, Second Edition 2nd Edition
"If your job requires investigating compromised Windows hosts, you must read Windows Forensic Analysis."--Richard Bejtlich, Coauthor of Real Digital Forensics and Amazon.com Top 500 Book Reviewer
About the Author
Harlan Carvey is a senior information security researcher with the Dell SecureWorks Counter Threat Unit - Special Ops (CTU-SO) team, where his efforts are focused on targeted threat hunting, response, and research. He continues to maintain a passion and focus in analyzing Windows systems, and in particular, the Windows Registry.
Harlan is an accomplished author, public speaker, and open source tool author. He dabbles in other activities, including home brewing and horseback riding. As a result, he has become quite adept at backing up and parking a horse trailer.
Harlan earned a bachelor’s degree in electrical engineering from the Virginia Military Institute, and a master’s degree in the same discipline from the Naval Postgraduate School. He served in the United States Marine Corps, achieving the rank of captain before departing the service. He resides in Northern Virginia with his family.
Top customer reviews
I read non-stop for 8 hours straight yesterday and I still didn't want to put it down. Not only that, but today I was able to recall almost all of the subject matter covered without returning to the book for a reminder. This speaks volumes about a book where too often information is easily forgotten if you aren't sitting in front of a computer practicing the methods being discussed as you make your way through it.
As a long time Windows user, this book has helped fill in a lot of blanks, and I feel like I'll have a lot more flexibility and power by employing many of the tools and techniques as an individual who spends a lot of time using Windows. Thank you Harlan!
The included scripts are very helpful. This book, unlike many other books in this genre, is designed for the technical professional. Forensic analysis is often like a whodunit mystery, and having some more tools in your toolkit will assist you in thinking outside the box. The registry analysis was thorough and essential for a recent project. The memory dump analysis scripts were helpful in a recent Defcon Capture the Flag Competition. A sample chapter is available online.
In this second edition of Windows Forensic Analysis, he broadens the territory to include live system response. His three chapters on the subject are interesting, but not of particular immediate interest to me since I have no call to do such. It is, however, helpful to have the information just in case and Carvey presents it in a coherent manner. His descriptions of the various available are quite good.
Harlan's chapters on Registry and File Analysis are worth far more than the price of the book. He is one of the masters of the arcane innards of the Windows Registry and has written a powerful and useful tool, RegRipper, to make registry analysis far easier and more productive. These two chapters alone make this book a must-have for the active computer forensics examiner.
The chapters on Executable File Analysis and Rootkits, like the earlier chapters on live response, will have limited application for many examiners. However, once again Carvey's writing style makes the information highly accessible and the chapters are worth reading solely to put their contents in your own memory.
Harlan is quite an accomplished Perl scripter and the accompanying DVD is crammed with useful Perl scripts he has written. As a courtesy, he has also included the scripts from the first edition of his book, which is very nice of him.
Harlan writes for the person with some experience in the field. For those people, Windows Forensic Analysis 2nd Ed. serves not only as a text, but as a quotable reference as well. There are actually very few solid texts on computer forensics. This is one of them.