Search Images Videos Maps News Shopping Gmail More »
My library | Help | Advanced Book Search | Web History | Sign in

Books

Windows Registry Forensics:

Advanced Digital Forensic Analysis of the Windows Registry (Google eBook)
Front Cover
1 Review
Elsevier, Jan 24, 2011 - Computers - 206 pages
Harlan Carvey brings you an advanced book on just the Windows Registry ù the most difficult part of Windows to analyze forensically. Windows Registry Forensics provides the background of the Registry to developing an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included and tools and techniques for post-mortem analysis are discussed at length.

Tools and techniques will be presented that take the analyst beyond the current use of viewers and into real analysis of data contained in the Registry, and demonstrate the forensic value of the Registry.

-Packed with real-world examples using freely available tools

-Deep explanation and understanding of the Windows Registry

-Includes a CD containing code and author-created tools discussed in the book
  

What people are saying - Write a review

Review: Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry

User Review  - Dan - Goodreads

Not as in depth as I was hoping. It's a great introduction to Registry forensics, but most of this won't be new for experienced examiners. I was hoping for a more comprehensive reference guide to lots ... Read full review

Related books

Windows Forensic Analysis: DVD Toolkit
Windows Forensic Analysis: DVD Toolkit
Harlan Carvey
Limited preview - 2007
Mastering Windows Network Forensics and Investigation
Mastering Windows Network Forensics and Investigation
Steve Anson,Steve Bunting
Limited preview - 2007
Digital Forensics with Open Source Tools: Using Open Source Platform Tools ...
Digital Forensics with Open Source Tools: Using Open Source Platform Tools ...
Cory Altheide,Harlan Carvey
Limited preview - 2011
All related books »

Selected pages

Contents

Common terms and phrases

acquired image application artifacts batch file beneath this key binary data boot browser bytes chapter command computer forensic configuration contents created default entries examination example extract file system firewall forensic analysis hashes illustrated in Figure incident response indications installed Internet KB article key LastWrite key or value keys and values launched LM hash located look maintained malware Microsoft Developer Network Microsoft Support MRU list Network NTLM NTUSER.dat hive operating system OphCrack output parse password Perl persistence mechanism plug-in plug-ins file Registry analysis Registry hive files Registry keys Registry values RegRipper RegRipper plug-in rip.pl Rob Lee Run key script shell extensions Software hive specific structure System hive System Restore Points there’s tion updated USB device user account User Profile user’s hive UserAssist key value names versions of Windows Windows Explorer Windows Registry Windows systems Windows Vista Windows XP Windows XP system

About the author (2011)

Harlan Carvey (CISSP) is a vice president of Advanced Security Projects with Terremark Worldwide, Inc. Terremark is a leading global provider of IT infrastructure and "cloud computing" services. Harlan is a key contributor to the Engagement Services practice, providing disk forensics analysis, consulting, and training services to both internal and external customers. Harlan has provided forensic analysis services for the hospitality industry, financial institutions, as well as federal government and law enforcement agencies. Harlan's primary areas of interest include research and development of novel analysis solutions, with a focus on Windows platforms.

Bibliographic information

QR code for Windows Registry Forensics
TitleWindows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry
Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, Harlan A. Carvey
AuthorHarlan Carvey
EditorDave Hull
Editionillustrated
PublisherElsevier, 2011
ISBN1597495808, 9781597495806
Length206 pages
Subjects ›  › 

Component software
Computer crimes
Computer crimes - Investigation - Methodology
Computer crimes/ Investigation/ Methodology
Computer networks
Computer networks - Security measures
Computer networks/ Security measures
Computer security
Computers / General
Computers / Networking / Security
Computers / Operating Systems / General
Computers / Operating Systems / Windows Workstation
Computers / Security / General
Law / Forensic Science
Methodology
Microsoft Windows (Computer file)
Operating systems (Computers)
Security systems
Social sciences
  
Export CitationBiBTeX EndNote RefMan