Learning Python for Forensics Second Edition 상세페이지
Learning Python for Forensics Second Edition
Leverage the power of Python in forensic investigations
- 관심 0
소장
전자책 정가
21,000원
판매가
21,000원
출간 정보
- 2019.01.31 전자책 출간
듣기 기능
TTS(듣기) 미지원
파일 정보
- 471 쪽
- 8.1MB
지원 환경
- 앱
- 웹
- PC뷰어
- PAPER
ISBN
9781789342765
UCI
-
Learning Python for Forensics Second Edition
작품 정보
▶Book Description
Digital forensics plays an integral role in solving complex cybercrimes and helping organizations make sense of cybersecurity incidents. This second edition of Learning Python for Forensics illustrates how Python can be used to support these digital investigations and permits the examiner to automate the parsing of forensic artifacts to spend more time examining actionable data.
The second edition of Learning Python for Forensics will illustrate how to develop Python scripts using an iterative design. Further, it demonstrates how to leverage the various built-in and community-sourced forensics scripts and libraries available for Python today. This book will help strengthen your analysis skills and efficiency as you creatively solve real-world problems through instruction-based tutorials.
By the end of this book, you will build a collection of Python scripts capable of investigating an array of forensic artifacts and master the skills of extracting metadata and parsing complex data structures into actionable reports. Most importantly, you will have developed a foundation upon which to build as you continue to learn Python and enhance your efficacy as an investigator.
▶What You Will Learn
⦁ Learn how to develop Python scripts to solve complex forensic problems
⦁ Build scripts using an iterative design
⦁ Design code to accommodate present and future hurdles
⦁ Leverage built-in and community-sourced libraries
⦁ Understand the best practices in forensic programming
⦁ Learn how to transform raw data into customized reports and visualizations
⦁ Create forensic frameworks to automate analysis of multiple forensic artifacts
⦁ Conduct effective and efficient investigations through programmatic processing
▶Key Features
⦁ Discover how to develop Python scripts for effective digital forensic analysis
⦁ Master the skills of parsing complex data structures with Python libraries
⦁ Solve forensic challenges through the development of practical Python scripts
▶Who This Book Is For
If you are a forensics student, hobbyist, or professional seeking to increase your understanding in forensics through the use of a programming language, then Learning Python for Forensics is for you.
You are not required to have previous experience in programming to learn and master the content within this book. This material, created by forensic professionals, was written with a unique perspective and understanding for examiners who wish to learn programming.
▶What this book covers
⦁ Chapter 1, Now for Something Completely Different, is an introduction to common Python objects, built-in functions, and tropes. We will also cover basic programming concepts.
⦁ Chapter 2, Python Fundamentals, is a continuation of the basics learned in the previous chapter and the development of our first forensic script.
⦁ Chapter 3, Parsing Text Files, discusses a basic setup API log parser to identify first use times for USB devices and introduce the iterative development cycle.
⦁ Chapter 4, Working with Serialized Data Structures, shows how serialized data structures such as JSON files can be used to store or retrieve data in Python. We will parse JSONformatted data from the Bitcoin blockchain containing transaction details.
⦁ Chapter 5, Databases in Python, shows how databases can be used to store and retrieve data via Python. We will use two different database modules to demonstrate different versions of a script that creates an active file listing with a database backend.
⦁ Chapter 6, Extracting Artifacts from Binary Files, is an introduction to the struct module, which will become every examiner's friend. We use the struct module to parse binary data into Python objects from a forensically-relevant source. We will parse the UserAssist key in the registry for user application execution artifacts.
⦁ Chapter 7, Fuzzy Hashing, explores how ssdeep compatible hashes are generated and how to use the pre-built ssdeep module to perform similarity analysis.
⦁ Chapter 8, The Media Age, helps us understand embedded metadata and parse them from forensic sources. In this chapter, we introduce and design an embedded metadata framework in Python.
⦁ Chapter 9, Uncovering Time, provides the first look at the development of the GUI with Python to decode commonly encountered timestamps. This is our introduction to GUI and Python class development.
⦁ Chapter 10, Rapidly Triage Systems, shows how you can use Python to collect volatile and other useful information from popular operating systems. This includes an introduction to a very powerful Windows-specific Python API.
⦁ Chapter 11, Parsing Outlook PST Containers, demonstrates how to read, index, and report on the contents of an Outlook PST container.
⦁ Chapter 12, Recovering Deleted Database Records, introduces SQLite Write-Ahead Logs and how to extract data, including deleted data, from these files.
⦁ Chapter 13, Coming Full Circle, is an aggregation of scripts written in previous chapters into a forensic framework. We explore concepts and methods for designing these larger projects.
Digital forensics plays an integral role in solving complex cybercrimes and helping organizations make sense of cybersecurity incidents. This second edition of Learning Python for Forensics illustrates how Python can be used to support these digital investigations and permits the examiner to automate the parsing of forensic artifacts to spend more time examining actionable data.
The second edition of Learning Python for Forensics will illustrate how to develop Python scripts using an iterative design. Further, it demonstrates how to leverage the various built-in and community-sourced forensics scripts and libraries available for Python today. This book will help strengthen your analysis skills and efficiency as you creatively solve real-world problems through instruction-based tutorials.
By the end of this book, you will build a collection of Python scripts capable of investigating an array of forensic artifacts and master the skills of extracting metadata and parsing complex data structures into actionable reports. Most importantly, you will have developed a foundation upon which to build as you continue to learn Python and enhance your efficacy as an investigator.
▶What You Will Learn
⦁ Learn how to develop Python scripts to solve complex forensic problems
⦁ Build scripts using an iterative design
⦁ Design code to accommodate present and future hurdles
⦁ Leverage built-in and community-sourced libraries
⦁ Understand the best practices in forensic programming
⦁ Learn how to transform raw data into customized reports and visualizations
⦁ Create forensic frameworks to automate analysis of multiple forensic artifacts
⦁ Conduct effective and efficient investigations through programmatic processing
▶Key Features
⦁ Discover how to develop Python scripts for effective digital forensic analysis
⦁ Master the skills of parsing complex data structures with Python libraries
⦁ Solve forensic challenges through the development of practical Python scripts
▶Who This Book Is For
If you are a forensics student, hobbyist, or professional seeking to increase your understanding in forensics through the use of a programming language, then Learning Python for Forensics is for you.
You are not required to have previous experience in programming to learn and master the content within this book. This material, created by forensic professionals, was written with a unique perspective and understanding for examiners who wish to learn programming.
▶What this book covers
⦁ Chapter 1, Now for Something Completely Different, is an introduction to common Python objects, built-in functions, and tropes. We will also cover basic programming concepts.
⦁ Chapter 2, Python Fundamentals, is a continuation of the basics learned in the previous chapter and the development of our first forensic script.
⦁ Chapter 3, Parsing Text Files, discusses a basic setup API log parser to identify first use times for USB devices and introduce the iterative development cycle.
⦁ Chapter 4, Working with Serialized Data Structures, shows how serialized data structures such as JSON files can be used to store or retrieve data in Python. We will parse JSONformatted data from the Bitcoin blockchain containing transaction details.
⦁ Chapter 5, Databases in Python, shows how databases can be used to store and retrieve data via Python. We will use two different database modules to demonstrate different versions of a script that creates an active file listing with a database backend.
⦁ Chapter 6, Extracting Artifacts from Binary Files, is an introduction to the struct module, which will become every examiner's friend. We use the struct module to parse binary data into Python objects from a forensically-relevant source. We will parse the UserAssist key in the registry for user application execution artifacts.
⦁ Chapter 7, Fuzzy Hashing, explores how ssdeep compatible hashes are generated and how to use the pre-built ssdeep module to perform similarity analysis.
⦁ Chapter 8, The Media Age, helps us understand embedded metadata and parse them from forensic sources. In this chapter, we introduce and design an embedded metadata framework in Python.
⦁ Chapter 9, Uncovering Time, provides the first look at the development of the GUI with Python to decode commonly encountered timestamps. This is our introduction to GUI and Python class development.
⦁ Chapter 10, Rapidly Triage Systems, shows how you can use Python to collect volatile and other useful information from popular operating systems. This includes an introduction to a very powerful Windows-specific Python API.
⦁ Chapter 11, Parsing Outlook PST Containers, demonstrates how to read, index, and report on the contents of an Outlook PST container.
⦁ Chapter 12, Recovering Deleted Database Records, introduces SQLite Write-Ahead Logs and how to extract data, including deleted data, from these files.
⦁ Chapter 13, Coming Full Circle, is an aggregation of scripts written in previous chapters into a forensic framework. We explore concepts and methods for designing these larger projects.
작가 소개
⦁ Preston Miller
Preston Miller is a consultant at an internationally recognized firm that specializes in cyber investigations. Preston holds an undergraduate degree from Vassar College and a masters degree, in Digital Forensics, from Marshall University where he was the recipient of the J. Edgar Hoover Scientific Scholarship for academic excellence. While in graduate school, Preston taught classes on Python and Open Source Forensics. Preston has previously been published through Syngress for his research on Bitcoin.
Preston is experienced in conducting traditional Digital Forensic investigations, but specializes in Physical Forensics. Physical Forensics is a subset of Digital Forensics, which involves black box scenarios where data must be acquired from a device by non-traditional means. In his free time, Preston contributes to multiple Python-based open source projects.
Preston would like to thank his wife, Stephanie, for her unwavering encouragement and love. He would also like to thank his family and friends for their support. Preston owes many thanks to Dr. Terry Fenger, Chris Vance, and Robert Boggs for helping him grow his understanding of the field and inspiring him to learn outside of the classroom.
⦁ Chapin Bryce
Chapin Bryce is a consultant at a global firm that is a leader in digital forensics and incident response investigations. After graduating from Champlain College with a bachelor's degree in computer and digital forensics, Chapin dove into the field of digital forensics and incident response joining the GIAC advisory board and earning four GIAC certifications: GCIH, GCFE, GCFA, and GNFA. As a member of multiple ongoing research and development projects, he has authored several books and articles in professional and academic publications, including Python Digital Forensics Cookbook (Forensic 4:Cast Digital Forensics Book of the Year, 2018), Learning Python for Forensics, First Edition, and Digital Forensic Magazine.
Preston Miller is a consultant at an internationally recognized firm that specializes in cyber investigations. Preston holds an undergraduate degree from Vassar College and a masters degree, in Digital Forensics, from Marshall University where he was the recipient of the J. Edgar Hoover Scientific Scholarship for academic excellence. While in graduate school, Preston taught classes on Python and Open Source Forensics. Preston has previously been published through Syngress for his research on Bitcoin.
Preston is experienced in conducting traditional Digital Forensic investigations, but specializes in Physical Forensics. Physical Forensics is a subset of Digital Forensics, which involves black box scenarios where data must be acquired from a device by non-traditional means. In his free time, Preston contributes to multiple Python-based open source projects.
Preston would like to thank his wife, Stephanie, for her unwavering encouragement and love. He would also like to thank his family and friends for their support. Preston owes many thanks to Dr. Terry Fenger, Chris Vance, and Robert Boggs for helping him grow his understanding of the field and inspiring him to learn outside of the classroom.
⦁ Chapin Bryce
Chapin Bryce is a consultant at a global firm that is a leader in digital forensics and incident response investigations. After graduating from Champlain College with a bachelor's degree in computer and digital forensics, Chapin dove into the field of digital forensics and incident response joining the GIAC advisory board and earning four GIAC certifications: GCIH, GCFE, GCFA, and GNFA. As a member of multiple ongoing research and development projects, he has authored several books and articles in professional and academic publications, including Python Digital Forensics Cookbook (Forensic 4:Cast Digital Forensics Book of the Year, 2018), Learning Python for Forensics, First Edition, and Digital Forensic Magazine.
리뷰
0.0
구매자 별점
0명 평가
이 작품을 평가해 주세요!
건전한 리뷰 정착 및 양질의 리뷰를 위해 아래 해당하는 리뷰는 비공개 조치될 수 있음을 안내드립니다.
- 타인에게 불쾌감을 주는 욕설
- 비속어나 타인을 비방하는 내용
- 특정 종교, 민족, 계층을 비방하는 내용
- 해당 작품의 줄거리나 리디 서비스 이용과 관련이 없는 내용
- 의미를 알 수 없는 내용
- 광고 및 반복적인 글을 게시하여 서비스 품질을 떨어트리는 내용
- 저작권상 문제의 소지가 있는 내용
- 다른 리뷰에 대한 반박이나 논쟁을 유발하는 내용
* 결말을 예상할 수 있는 리뷰는 자제하여 주시기 바랍니다.
이 외에도 건전한 리뷰 문화 형성을 위한 운영 목적과 취지에 맞지 않는 내용은 담당자에 의해 리뷰가 비공개 처리가 될 수 있습니다.아직 등록된 리뷰가 없습니다.
첫 번째 리뷰를 남겨주세요!
첫 번째 리뷰를 남겨주세요!
'구매자' 표시는 유료 작품 결제 후 다운로드하거나 리디셀렉트 작품을 다운로드 한 경우에만 표시됩니다.
- 무료 작품 (프로모션 등으로 무료로 전환된 작품 포함)
- '구매자'로 표시되지 않습니다.
- 시리즈 내 무료 작품
- '구매자'로 표시되지 않습니다. 하지만 같은 시리즈의 유료 작품을 결제한 뒤 리뷰를 수정하거나 재등록하면 '구매자'로 표시됩니다.
- 영구 삭제
- 작품을 영구 삭제해도 '구매자' 표시는 남아있습니다.
- 결제 취소
- '구매자' 표시가 자동으로 사라집니다.
개발/프로그래밍 베스트더보기
- 바이브 코딩 너머 개발자 생존법 (애디 오스마니, 강민혁)
- 혼자 공부하는 바이브 코딩 with 클로드 코드 (조태호)
- 요즘 당근 AI 개발 (당근 팀)
- 도메인 주도 설계를 위한 함수형 프로그래밍 (스콧 블라신, 박주형)
- AI 자율학습 밑바닥부터 배우는 AI 에이전트 (다비드스튜디오)
- 연필과 종이로 풀어보는 딥러닝 수학 워크북 214제 (톰 예(Tom yeh) )
- 요즘 바이브 코딩 클로드 코드 완벽 가이드 (최지호(코드팩토리))
- 밑바닥부터 만들면서 배우는 LLM (세바스찬 라시카, 박해선)
- 알아서 잘하는 에이전틱 AI 시스템 구축하기 (안자나바 비스와스, 릭 탈루크다르)
- 개정2판 | 소프트웨어 아키텍처 The Basics (마크 리처즈, 닐 포드)
- 러스트 클린 코드 (브렌든 매슈스, 윤인도)
- AI 엔지니어링 (칩 후옌, 변성윤)
- 밑바닥부터 시작하는 웹 브라우저 (파벨 판체카, 크리스 해럴슨)
- 그림으로 이해하는 도커와 쿠버네티스 (토쿠나가 코헤이 , 서수환)
- 생성형 AI를 위한 프롬프트 엔지니어링 (제임스 피닉스, 마이크 테일러)
- 개정판 | <소문난 명강의> 레트로의 유니티 6 게임 프로그래밍 에센스 (이제민)
- 혼자 공부하는 네트워크 (강민철)
- 데이터베이스 설계, 이렇게 하면 된다 (미크, 윤인성)
- 핸즈온 바이브 코딩 (정도현)
- 기본 이론에서 실무 예제까지, HANA 기반 Easy ABAP 3.0 (김성준, 박재형)
성인 인증 안내
성인 재인증 안내
성인 인증 안내
성인 재인증 안내
청소년보호법에 따라 성인 인증은 1년간
유효하며, 기간이 만료되어 재인증이 필요합니다.
성인 인증 후에 이용해 주세요.
해당 작품은 성인 인증 후 보실 수 있습니다.
성인 인증 후에 이용해 주세요.
청소년보호법에 따라 성인 인증은 1년간
유효하며, 기간이 만료되어 재인증이 필요합니다.
성인 인증 후에 이용해 주세요.
해당 작품은 성인 인증 후 선물하실 수 있습니다.
성인 인증 후에 이용해 주세요.
본문 끝 최상단으로 돌아가기
