EUR 56,92
  • Tous les prix incluent la TVA.
Il ne reste plus que 1 exemplaire(s) en stock (d'autres exemplaires sont en cours d'acheminement).
Expédié et vendu par Amazon. Emballage cadeau disponible.
Quantité :1
Windows Forensic Analysis... a été ajouté à votre Panier
Vous l'avez déjà ?
Repliez vers l'arrière Repliez vers l'avant
Ecoutez Lecture en cours... Interrompu   Vous écoutez un extrait de l'édition audio Audible
En savoir plus
Voir les 3 images

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 8 (Anglais) Broché – 27 mars 2014

Voir les formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
"Veuillez réessayer"
EUR 56,92
EUR 47,73 EUR 54,31

Offres spéciales et liens associés

Descriptions du produit

Revue de presse

"... this book is well written and easy to read…has some material of interest to experts…"--Computing Reviews, Windows Forensic Analysis Toolkit, 4th Edition

"...technical detail is extensive here and those realworld examples mentioned earlier are worked through in intricate detail. You will definitely want to try this at home…" -Network Security, Nov 2014

Présentation de l'éditeur

Harlan Carvey has updated Windows Forensic Analysis Toolkit, now in its fourth edition, to cover Windows 8 systems. The primary focus of this edition is on analyzing Windows 8 systems and processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. Harlan Carvey presents real-life experiences from the trenches, making the material realistic and showing the why behind the how.

The companion and toolkit materials are hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, Second Edition, which focuses primarily on XP, and Windows Forensic Analysis Toolkit, Third Edition, which focuses primarily on Windows 7.

This new fourth edition provides expanded coverage of many topics beyond Windows 8 as well, including new cradle-to-grave case examples, USB device analysis, hacking and intrusion cases, and "how would I do this" from Harlan's personal case files and questions he has received from readers. The fourth edition also includes an all-new chapter on reporting.

  • Complete coverage and examples of Windows 8 systems
  • Contains lessons from the field, case studies, and war stories
  • Companion online toolkit material, including electronic printable checklists, cheat sheets, custom tools, and walk-throughs

Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.

Détails sur le produit

En savoir plus sur l'auteur

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Dans ce livre

(En savoir plus)
Parcourir les pages échantillon
Couverture | Copyright | Table des matières | Extrait | Index | Quatrième de couverture
Rechercher dans ce livre:

Quels sont les autres articles que les clients achètent après avoir regardé cet article?

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles

Commentaires client les plus utiles sur (beta) HASH(0x9a5b0540) étoiles sur 5 11 commentaires
23 internautes sur 26 ont trouvé ce commentaire utile 
HASH(0x9a5d7bf4) étoiles sur 5 Disappointing Update to Windows Forensic Analysis 30 avril 2014
Par Rob Lee - Publié sur
Format: Format Kindle Achat vérifié
I am a fan of Harlan's books and we even carry them in the SANS bookstore at conference events as recommended reading by SANS instructors. His last book "Windows Forensic Analysis: Advanced Analysis Techniques for Windows 7" was a wonderful rewrite and included many new artifacts found on Windows 7 including jumplists, volume shadow copy, and many new registry keys.

This new book, is basically a reprint of his previous book based on Windows 7 with some brief mentions of Windows 8 artifacts. Harlan does mention this fact even in the book, but I feel the title is a bit misleading especially if you have a copy of his previous book.

If you have already purchased his 3rd edition book, I would pass on this book until more Windows 8 artifacts are detailed in full. Having read the book in full including the last two new chapters, it does include some brief new artifacts for Windows 8, but not enough to warrant spending the money to update your library at this point.

The book is great if the majority of your analysis is on Windows 7 systems. If you don't have a copy of the 3rd edition, then this book is a great addition to your forensics library. However, due the the misleading title "Advanced Analysis Techniques for Windows 8," I cannot rate the version of the book any higher.
3 internautes sur 3 ont trouvé ce commentaire utile 
HASH(0x99706c3c) étoiles sur 5 Should be required reading for Forensic Examiners 20 mai 2014
Par Mari DeGrazia - Publié sur
Format: Broché
This book is well written, full of tips, and teaches the methodology of forensic examinations rather than just “go look here for this artifact”. Case in point is the Timeline chapter. This chapter does a great job of explaining the benefits of creating a timeline, and even walks the reader through the process using a Windows XP image.

The chapter on report writing was extremely helpful. In my experience, this is one area that many examiners may struggle with, because without a way to communicate the findings, the analysis is for not. This chapter not only covers the report writing process with examples, but also covers how to take detailed case notes. Although I have been writing reports for a while, there were still quite a few “ah ha” moments for me.

If you have any of his previous books, and are wondering if the new edition is worth the extra expense and time, I would say a resounding “Yes”. There is new content such as the Correlating Artifacts chapter and the Reports chapter. It has also been updated with some real life case examples that help drive home the points. If you’re new to Harlan’s series, I think this book is a great place to start. In addition to the newer operating systems, this book also covers XP, Sever 2003 and Vista.

It may also be a minor point, but I also like that fact that Harlan uses the pronoun “she” and not always “he” when talking about examiners.

I do have to say that Windows Forensics Analysis 2E is still one of my favorites, but that is probably because it was one of my first forensic books and has all my notes still in it :-)
1 internautes sur 1 ont trouvé ce commentaire utile 
HASH(0x99343b1c) étoiles sur 5 "One Must Have" for Forensics Professionals - Windows Forensics Analysis Toolkit - by Harlan Carvey CISSP 31 octobre 2014
Par Dr. Larry Leibrock - Publié sur
Format: Broché Achat vérifié
I must state at the onset - This is a great digital forensics book.
This book as both an knowledge-builder and go-to desk-reference is a formidable and useful work.

It is very well written and well attributed. If i had to take one book about Windows 8 with me to Bezerkistan in order to complete an WIN 8 digital forensics mission. This Windows Forensics Analysis Tool Kit - is it.

I admire Harlan's technical forensics skills, understanding about limitations the forensics practice and his excellence in writing. This is a "must have" for digital forensics professionals. If you are in the digital forensics - business - get this book - read it - use it.
HASH(0x9b5e24bc) étoiles sur 5 Excellent material presented in an unprofessionally written format 20 janvier 2016
Par J. Shorts - Publié sur
Format: Broché Achat vérifié
I had to buy this book for a third/fourth-year forensics course, the one where we perfect the collection of evidence and the writing digital forensics reports. I would like to give this book four-and-a-half stars for information, but I deducted over a star for the editing errors. I do not know what it is about computer manuals, but of all the books I have had to read during the last seven years of school--including books on accounting, criminal justice, psychology, math, English literature, creative writing, and humanities--the computer manuals sit at the very bottom regarding grammar and punctuation. The glaring errors make it very hard for me to concentrate.

One might think this is a trivial concern, but in fact grammar is exceedingly important to a computer forensic major. We have to match pronouns to antecedents. We have to know about the possessive gerund. We must understand where commas go and understand the difference between colons and semicolons. We have to avoid certain tenses of being, staying mostly in direct past tense. We cannot use first-person speech. We must avoid contractions, and so on. While some of these directives can be ignored in the writing of textbooks and manuals, such as using contractions and even using the first person, a computer forensic professional must adhere to the basics of good grammar. The author and line editors of this book did not match pronouns to antecedents, and they did not use possessive nouns in front of gerunds. They used semicolons where colons would have gone. And I cannot even go into the misuse of comma placement. For one example of the grammar usage in this book, I have written verbatim a sentence on page 37 of the text:

"The two primary concerns during an incident with respect to logs are, where they are located and what's in them--both of which can have a significant impact on the outcome of your incident response activities."

The comma after "are" makes no sense unless the editor inserted a comma after "incident." The m-dash is oddly used, almost as if the first comma put the author and editors at odds at what punctuation to use for the afterthought to the sentence. The usage of the pronoun "your" is overtly colloquial for a textbook. I could even let the usage of "your" go, as this author enjoys the colloquial speech, but the punctuation errors throughout the book reduce the tone's effectiveness. Just because someone is using a friendly tone does not mean that awkward punctuation is any easier to take. This sentence is one of many, many sentences in the book that is clumsily written.

I think the author is a brilliant person, and I certainly will be using his techniques. I just wish that he and the other computer professionals in the field of manual writing would dare the expense of hiring professional textbook editors.

This being said, I would recommend this book for personal information. I would not recommend the book as it is written now for class usage and hope future editions are edited more stringently.
1 internautes sur 1 ont trouvé ce commentaire utile 
HASH(0x9998b2d0) étoiles sur 5 Excellent 10 septembre 2014
Par BB - Publié sur
Format: Broché Achat vérifié
Excellent book! This should be on every DFIR consultants bookshelf.
Ces commentaires ont-ils été utiles ? Dites-le-nous


Souhaitez-vous compléter ou améliorer les informations sur ce produit ? Ou faire modifier les images?