X-Ways Forensics Practitioner's Guide (Anglais) Broché – 28 août 2013
|Neuf à partir de||Occasion à partir de|
- Choisissez parmi 17 000 points de collecte en France
- Les membres du programme Amazon Premium bénéficient de livraison gratuites illimitées
- Trouvez votre point de collecte et ajoutez-le à votre carnet d’adresses
- Sélectionnez cette adresse lors de votre commande
Les clients ayant acheté cet article ont également acheté
Descriptions du produit
Revue de presse
"...good reference manual for anyone who wants to learn more about the XWF software...also highly recommended for expert forensics specialists who want to utilize the fullest potential of the XWF software tools."--Journal of Digital Forensics, Security and Law,Vol 9, No 3
Présentation de l'éditeur
The X-Ways Forensics Practitioner's Guide is more than a manual-it's a complete reference guide to the full use of one of the most powerful forensic applications available, software that is used by a wide array of law enforcement agencies and private forensic examiners on a daily basis.
In the X-Ways Forensics Practitioner's Guide, the authors provide you with complete coverage of this powerful tool, walking you through configuration and X-Ways fundamentals, and then moving through case flow, creating and importing hash databases, digging into OS artifacts, and conducting searches.
With X-Ways Forensics Practitioner's Guide, you will be able to use X-Ways Forensics to its fullest potential without any additional training. The book takes you from installation to the most advanced features of the software. Once you are familiar with the basic components of X-Ways, the authors demonstrate never-before-documented features using real life examples and information on how to present investigation results. The book culminates with chapters on reporting, triage and preview methods, as well as electronic discovery and cool X-Ways apps.
- Provides detailed explanations of the complete forensic investigation processe using X-Ways Forensics.
- Goes beyond the basics: hands-on case demonstrations of never-before-documented features of X-Ways.
- Provides the best resource of hands-on information to use X-Ways Forensics.
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre ou numéro de téléphone mobile.
Détails sur le produit
Commentaires en ligne
Meilleurs commentaires des clients
Commentaires client les plus utiles sur Amazon.com (beta)
Having been in the digital forensics field for some time I have read my fair share of books about file systems, registry forensics, Mac forensics, and more. This was one of the easiest and most straight forward reads to date. Having read Brett Shavers other book Placing the Suspect Behind the Keyboard: Using Digital Forensics and Investigative Techniques to Identify Cybercrime Suspects I have a feel for how he writes. XWF Practitioner's Guide was no different.
Though, I was surprised by the amount of content they were able to include. The book is not a how-to for digital forensics. Rather, it's a how-to for XWF. I found the book a much better read than the manual. Many of the complaints about XWF are GUI based as users are unfamiliar with the interface. Well, Chapter 3 should eliminate those complaints. The entire chapter deals with the XWF interface and getting the reader more familiar with it's quirks.
Chapter's 4, 5, and 6 are the meat and potatoes for most examiners as they deal with identification of evidence and working with images. The information was good and gave me some ideas to better apply the tool in my workflow.
Chapter 7 is advanced XWF and while informative left me wanting more. I felt this chapter was light, but honestly it wouldn't have been appropriate for the target audience. I think more time should have been spent on scripting and X-Tensions; however, this would likely be better material for an advanced copy or second edition of the book.
Chapter 8 is reporting which in and of itself is not all that exhilarating though highly informative. A break down of report table associations and their meanings was very helpful for understanding XWF output. However, it would have been nice to see a walk through in customizing a report rather than using a third party app (Zimmermans or a couple others out there) to do it for you. I realized I still very much prefer FTK's reporting to any other tool I have used.
The final chapters cover EDRM and XWF for criminal investigations. These chapters were informative and built off of the previous chapters.
I give this book 4/5 stars. I would have liked to see a supplemental disk of walk throughs, electronic materials, or other supplemental information. While the writing was very clear and accurate it would have been nice to see some step-by-step walk throughs of described materials (editing HTML reports, scripting, X-Tensions, etc).
This book will find a home on the bookshelf and wait for it's hopeful companion of advanced materials to cover some of the very special traits of XWF.
After reading Mr Shavers' first book, I expected this book to be similar in ease of read. I was half right. It is easier to read than the X-Ways manual, but it also goes deep into the inner workings of X-Ways with buttons and clicks that I have never heard or of read about, ever. It is as if this book should be included with the purchase of an X-Ways Forensics license. I have followed the xwaysforensics.wordpress.com blog since the authors started and I truly appreciate the support in free tools, tips, and links to all things related to X-Ways Forensics. This has really made my use of X-Ways Forensics so much more productive, that I am asking my company to not be renew the FTK licenses.
Like I said, X-Ways Forensics finally makes sense!
I recommend this book to everyone who has X-Ways Forensics but not to anyone that will not be using X-Ways. The only way this book works is if you have X-Ways Forensics on your machine so you can try all the tips and tricks throughout the book. X-Ways is seems so much cooler now. Job well done!
First off, this book is very well written, flows well, and leads readers right through a tutorial to get them quickly up-to-speed with X-Ways Forensics. This is not an intro to digital forensics book using X-Ways for examples; this is a book for the professional DF examiner who wants to learn how to use X-Ways.
And that leads me to a second point. X-Ways has been often overlooked when people think of the top computer forensics software. But from the WinHex hex editor to WinHex Specialist to X-Ways Forensics, Stefan Fleishman and his team have put together outstanding software and are extraorinarily responsive to user input. All examiners should be taking a serious look at this software. What X-Ways has always lacked, however, is a good user guide...
But we have that now, which brings me to the authors. Brett and Eric -- and Jimmy -- are a great team, which can be seen in the quality of the contents and the writing. We have all benefitted from their comments, questions, and answers on all of the major DF lists -- now we get the book!
If you use X-Ways Forensics, you'll want this book on your shelf. If you don't use X-Ways Forensics, take a look at the book anyway and discover why you should be giving the software a serious look.
X-Ways Forensics (XWF) has come a long way. 10 years ago its genius was concealed by a difficult GUI and lacking real manual. Now many (me included) consider it the sharpest computer forensic analysis tool around. My advice to new forensic examiners is to skip the grinding pace of open source tools and avoid the big companies run by shady management -- head directly for XWF.
Brett's book mirrors his professional life. Lots of energy, attention to details and a mentor's approach to questions.
The book includes the common discussions of this item in that XWF menu. There are also tips aimed at smoothing workflow. What I like most are the explanations of items that combine OS knowledge and XWF capabilities. For example, in the section on the Windows registry a good discussion on tracking USB devices. Some sections of the book introduce related (but important) topics like the use of F-Response with XWF to image or analyze distant machines.
I rate the book at 4.9. It could be 5.0 if it included Mac. Since only integers are available for stars, I'll call it 5.