- Paperback: 264 pages
- Publisher: Syngress; 1 edition (September 11, 2013)
- Language: English
- ISBN-10: 0124116051
- ISBN-13: 978-0124116054
- Product Dimensions: 7.5 x 0.6 x 9.2 inches
- Shipping Weight: 1.3 pounds
- Average Customer Review: 10 customer reviews
- Amazon Best Sellers Rank: #731,615 in Books
X-Ways Forensics Practitioner’s Guide 1st Edition
"...good reference manual for anyone who wants to learn more about the XWF software...also highly recommended for expert forensics specialists who want to utilize the fullest potential of the XWF software tools." --Journal of Digital Forensics, Security and Law, Vol 9, No 3
About the Author
Brett Shavers is a former law enforcement officer of a municipal police department. He has been an investigator assigned to state and federal task forces. Besides working many specialty positions, Brett was the first digital forensics examiner at his police department, attended over 2000 hours of forensic training courses across the country, collected more than a few certifications along the way, and set up the department’s first digital forensics lab in a small, cluttered storage closet.
Eric Zimmerman has been involved with computers in some form or fashion since the days of the Commodore 64. Eric holds a Bachelor of Science in Computer Science. In 2007, Eric started working for a federal law enforcement agency as a Special Agent.
Top customer reviews
Having been in the digital forensics field for some time, I have read my fair share of books about file systems, registry forensics, Mac forensics, and more. This was one of the easiest and most straightforward reads to date. Having read Brett Shavers' other book, Placing the Suspect Behind the Keyboard: Using Digital Forensics and Investigative Techniques to Identify Cybercrime Suspects, I have a feel for how he writes. XWF Practitioner's Guide was no different.
Though, I was surprised by the amount of content they were able to include. The book is not a how-to for digital forensics. Rather, it's a how-to for XWF. I found the book a much better read than the manual. Many of the complaints about XWF are GUI-based, as users are unfamiliar with the interface. Well, Chapter 3 should eliminate those complaints. The entire chapter deals with the XWF interface and getting the reader more familiar with its quirks.
Chapters 4, 5, and 6 are the meat and potatoes for most examiners as they deal with identification of evidence and working with images. The information was good and gave me some ideas to better apply the tool in my workflow.
Chapter 7 is advanced XWF and, while informative, left me wanting more. I felt this chapter was light, but honestly it wouldn't have been appropriate for the target audience. I think more time should have been spent on scripting and X-Tensions; however, this would likely be better material for an advanced copy or second edition of the book.
Chapter 8 is reporting, which in and of itself is not all that exhilarating though highly informative. A breakdown of report table associations and their meanings was very helpful for understanding XWF output. However, it would have been nice to see a walkthrough in customizing a report rather than using a third-party app (Zimmerman's or a couple others out there) to do it for you. I realized I still very much prefer FTK's reporting to any other tool I have used.
The final chapters cover EDRM and XWF for criminal investigations. These chapters were informative and built off of the previous chapters.
I give this book 4/5 stars. I would have liked to see a supplemental disk of walkthroughs, electronic materials, or other supplemental information. While the writing was very clear and accurate, it would have been nice to see some step-by-step walkthroughs of described materials (editing HTML reports, scripting, X-Tensions, etc.).
This book will find a home on the bookshelf and wait for its hopeful companion of advanced materials to cover some of the very special traits of XWF.
First off, this book is very well written, flows well, and leads readers right through a tutorial to get them quickly up-to-speed with X-Ways Forensics. This is not an intro to digital forensics book using X-Ways for examples; this is a book for the professional DF examiner who wants to learn how to use X-Ways.
And that leads me to a second point. X-Ways has been often overlooked when people think of the top computer forensics software. But from the WinHex hex editor to WinHex Specialist to X-Ways Forensics, Stefan Fleischmann and his team have put together outstanding software and are extraordinarily responsive to user input. All examiners should be taking a serious look at this software. What X-Ways has always lacked, however, is a good user guide...
But we have that now, which brings me to the authors. Brett and Eric -- and Jimmy -- are a great team, which can be seen in the quality of the contents and the writing. We have all benefitted from their comments, questions, and answers on all of the major DF lists -- now we get the book!
If you use X-Ways Forensics, you'll want this book on your shelf. If you don't use X-Ways Forensics, take a look at the book anyway and discover why you should be giving the software a serious look.
X-Ways Forensics (XWF) has come a long way. 10 years ago its genius was concealed by a difficult GUI and the lack of a real manual. Now many (me included) consider it the sharpest computer forensic analysis tool around. My advice to new forensic examiners is to skip the grinding pace of open source tools and avoid the big companies run by shady management -- head directly for XWF.
Brett's book mirrors his professional life. Lots of energy, attention to details and a mentor's approach to questions.
The book includes the common discussions of this item in that XWF menu. There are also tips aimed at smoothing workflow. What I like most are the explanations of items that combine OS knowledge and XWF capabilities. For example, in the section on the Windows registry there is a good discussion on tracking USB devices. Some sections of the book introduce related (but important) topics like the use of F-Response with XWF to image or analyze distant machines.
I rate the book at 4.9. It could be 5.0 if it included Mac. Since only integers are available for stars, I'll call it 5.