Kindle price: EUR 54.99 (VAT included); savings: EUR 1.93 (3%)

Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, by Harlan Carvey. Edition 1, Kindle format



Product description

Editorial reviews

"As an experienced security architect I’ve been reasonably familiar with the "windows registry" for many years and have frequently used regedit to look at various keys and values (and have sometimes even taken the dangerous steps of changing values!). In my vast library I also have a number of books describing the registry, although I have to say they are somewhat ancient. However, it was not until I read this book I really appreciated the vast amount of information contained in the various registry files. Indeed I was not aware of forensic importance of these files."--Best Digital Forensics Book in InfoSecReviews Book Awards

"It is no exaggeration to say that nearly everything that happens on a Windows system involves the registry―which makes effective examination of the registry absolutely fundamental to good Windows forensics. By devoting a whole book to this critical Windows artifact, Harlan has delivered a much needed resource to everyone doing forensics investigations of Windows systems. What I appreciate about this book, however, is that it is much more than a mere compilation of registry keys important to forensics investigation. This is a book about how to examine the registry, and it is a good one."--Troy Larson, Principal Forensic Program Manager, Network Security Investigations, Microsoft

"Windows Registry Forensics provides extensive proof that registry examination is critical to every digital forensic case.  Harlan Carvey steps the reader through critical analysis techniques recovering key evidence of activity of suspect user accounts or intrusion-based malware.  Using his extensive experience and research, Harlan's case studies provide behind-the-scenes details that enable every analyst to utilize these techniques immediately in their own investigations.  This book is a must have reference for current forensic knowledge of the Microsoft Registry Windows XP through Windows 7 and should become core knowledge for any serious digital forensic investigator."--Rob Lee, SANS Institute

"Useful to beginning and intermediate practitioners, but even advanced examiners may find registry information here that they were not previously aware of. Anyone working in digital forensics or incident response who has not made registry examination integral to their process must read and absorb this book. The information is vital to Windows examinations…. Windows Registry Forensics easily succeeds in its mission to convey the value of integrating registry examination into the forensic process. It provides valuable information relevant to a wide range of investigations. And Mr. Carvey’s conversational writing style makes the book easy to read...."--Digital Forensics Magazine

"This guide to digital forensics on computers running the Microsoft Windows operating system provides detailed information on the analysis of the Windows registry to detect intrusion and document user actions. The work is divided into three sections beginning with an overview of the registry structure and following with a discussion of registry analysis tools and concluding with an in depth case study of a registry forensics project. Each section includes answers to frequently asked questions and a selection of references for further reading. Illustrations, code examples, tips and warning notes are provided throughout and an accompanying CD-ROM provides copies of registry analysis tools created by the author. Carvey is a computer forensics consultant."--Book News, Reference & Research

"As an experienced security architect I’ve been reasonably familiar with the ‘windows registry’ for many years and have frequently used regedit to look at various keys and values (and have sometimes even taken the dangerous steps of changing values!). In my vast library I also have a number of books describing the registry, although I have to say they are somewhat ancient. However it was not until I read this book I really appreciated the vast amount of information contained in the various registry files. Indeed I was not aware of forensics importance of these files….. An extremely useful book to a forensics investigator, even an experienced one. I would not hesitate in recommending this book to anyone…"--InfoSecReviews.com

From the publisher

Windows Registry Forensics provides the background of the Windows Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included, and tools and techniques for postmortem analysis are discussed at length. Tools and techniques are presented that take the student and analyst beyond the current use of viewers and into real analysis of data contained in the Registry, demonstrating the forensic value of the Registry.

Named a 2011 Best Digital Forensics Book by InfoSec Reviews, this book is packed with real-world examples using freely available open source tools. It also includes case studies and a CD containing code and author-created tools discussed in the book.

This book will appeal to computer forensic and incident response professionals, including federal government and commercial/private sector contractors, consultants, etc.

  • Named a 2011 Best Digital Forensics Book by InfoSec Reviews
  • Packed with real-world examples using freely available open source tools
  • Deep explanation and understanding of the Windows Registry – the most difficult part of Windows to analyze forensically
  • Includes a CD containing code and author-created tools discussed in the book

Product details

  • Format: Kindle format
  • File size: 1707 KB
  • Print length: 228 pages
  • Page numbers source ISBN (reference print edition): 1597495808
  • Publisher: Syngress; Edition: 1 (3 January 2011)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B004JN0CDO
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not enabled
  • Enhanced Typesetting: Not enabled
  • Amazon Best Sellers Rank: #905,717 in the Kindle Store

Customer reviews

There are no customer reviews yet on Amazon.fr

Most helpful customer reviews on Amazon.com (beta) (May include reviews from the Early Reviewer Rewards program)

Amazon.com: 4.2 out of 5 stars, 27 reviews

4 of 4 people found this review helpful
5.0 out of 5 stars: Learn what information is in the Registry and be a sniper with your analysis (9 April 2016)
By Daniel Garcia - Published on Amazon.com
Format: Kindle format, Verified purchase
The book provides a detailed discussion on the structure of the registry, its keys and relevancy to digital forensics & incident response (DFIR). The author also focuses on presenting examples and use cases on how the reader can leverage information in the registry as part of an analysis. Discussion of tools is given and the tools presented are free and some are open source which you can modify if you understand the programming language they are written to fit your needs. The author dedicates a chapter on regripper a tool that he wrote to parse registry hives and serves as a mini manual. After reading the previous chapters, hopefully the reader will understand the flexibility of the tool and how one can expand functionality. Overall the author does a great job in presenting the information, although short (191 pages) the content is targeted at what can bring value to the reader/analyst. I recommend to all who work in the DFIR field or are starting to. A longer review will be posted on my blog and I will update this review in the future.

13 of 13 people found this review helpful
5.0 out of 5 stars: Fishing With Harlan (28 February 2011)
By Eric Huber - Published on Amazon.com
Format: Kindle format, Verified purchase
Windows Registry Forensics is another excellent installment of Harlan's continuing research and education efforts relating to Windows forensics. In his previous work, Windows Forensic Analysis DVD Toolkit, Second Edition, Harlan covered the broader topic of Windows forensics. While he did cover registry forensics issues in his previous work, this book drills down even deeper into the subject and provides the reader with a comprehensive view of the inner workings of the Windows Registry. If you couple this book with his previous book, you essentially get Windows Forensic Analysis, Second Edition: The Director's Cut. I recommend this book to anyone who is interested in digital forensics and will be adding it to my "So you'd like to... Learn Digital Forensics" Amazon guide.

Previous reviewers such as David Nardoni have provided excellent detailed overviews of the individual chapters so I won't repeat that level of depth for this review. Harlan takes a "teach them to fish" approach in teaching the reader about the Windows Registry. If the reader is expecting a book with a laundry list of interesting Registry keys, they will walk away disappointed. This isn't to say that there isn't a tremendous amount revealed about individual keys, but it's done in the larger context of Harlan's efforts to teach the reader about the Registry in a comprehensive manner.

The first chapter is where Harlan teaches the reader about fish (the Registry). This chapter explains what the registry is and how to think about it in the context of an examination. The second chapter teaches the reader about the various fishing poles available to them such as Harlan's own RegRipper tool. The third and fourth chapters are where Harlan takes the reader fishing as he walks the reader through Registry examination using a case study approach.

Harlan is an excellent technical writer so the book flows well and the concepts are presented clearly to the reader. The pictures are large enough to show up clearly in the Kindle version of the book which I was grateful for since this is not always the case with Kindle books. My primary complaint with the book is the price especially for the Kindle edition. I don't expect technical books written for a small audience to be as inexpensive as mass market fiction, but a retail price of $69.95 is pretty steep. As I write this, the Amazon price is $62.95 for the physical version and $55.96 for the Kindle version. The price of the Kindle version is especially irritating considering it doesn't come with the DVD and doesn't require a physical distribution channel to provide it to me. In most cases (pay attention Syngress), I simply won't pay that much for a technical book unless it's something that I know is well written and will provide good value. This is one of those exceptional circumstances. Harlan is one of the few authors who I trust enough to spend that amount of money on for a book.

2 of 2 people found this review helpful
3.0 out of 5 stars: Okay, but a little dated (18 July 2016)
By The Orange Parrot - Published on Amazon.com
Format: Paperback, Verified purchase
Helped for some of the reports I was writing at the time, but found more up to date info on the web after some more extensive searches.

2 of 2 people found this review helpful
2.0 out of 5 stars: A lot of actual examples would be helpful and very useful. This would make for a book I could ... (21 August 2016)
By Billy T - Published on Amazon.com
Format: Paperback, Verified purchase
It's an ok book for some. But, I want to see much more detail on making changes and maybe a whole book of nothing but explanations of each part of the Binary. And, tons of examples of what changes when the data is altered and what each change makes. Real time effects for actual changes in Windows 7, 8, & 10. XP is over with. A lot of actual examples would be helpful and very useful. This would make for a book I could really use on a regular basis.

1 of 1 people found this review helpful
5.0 out of 5 stars: Five Stars (11 March 2017)
By Missileman (USAF1973-1978) - Published on Amazon.com
Format: Paperback, Verified purchase
Needed a deeper technical reference for server performance and troubleshooting use.