Python Digital Forensics Cookbook: Effective Python recipes for digital investigations

Key Features

- Develop code that extracts vital information from everyday forensic acquisitions
- Increase the quality and efficiency of your forensic analysis
- Leverage the latest resources and capabilities available to the forensic community

Book Description

Technology plays an increasingly large role in our daily lives and shows no sign of stopping. Now, more than ever, it is paramount that an investigator develops programming expertise to deal with increasingly large datasets. By leveraging the Python recipes explored throughout this book, we make the complex simple, quickly extracting relevant information from large datasets. You will explore, develop, and deploy Python code and libraries to provide meaningful results that can be immediately applied to your investigations. Throughout the Python Digital Forensics Cookbook, recipes include topics such as working with forensic evidence containers, parsing mobile and desktop operating system artifacts, extracting embedded metadata from documents and executables, and identifying indicators of compromise. You will also learn to integrate scripts with Application Program Interfaces (APIs) such as VirusTotal and PassiveTotal, and tools such as Axiom, Cellebrite, and EnCase. By the end of the book, you will have a sound understanding of Python and how you can use it to process artifacts in your investigations.

What you will learn

- Understand how Python can enhance digital forensics and investigations
- Learn to access the contents of, and process, forensic evidence containers
- Explore malware through automated static analysis
- Extract and review message contents from a variety of email formats
- Add depth and context to discovered IP addresses and domains through various Application Program Interfaces (APIs)
- Delve into mobile forensics and recover deleted messages from SQLite databases
- Index large logs into a platform to better query and visualize datasets

About the Author

Preston Miller is a consultant at an internationally recognized risk management firm. He holds an undergraduate degree from Vassar College and a master's degree in Digital Forensics from Marshall University. While at Marshall, Preston unanimously received the prestigious J. Edgar Hoover Foundation's Scientific Scholarship. He is a published author, recently of Learning Python for Forensics, an introductory Python Forensics textbook. Preston is also a member of the GIAC advisory board and holds multiple industry-recognized certifications in his field.

Chapin Bryce works as a consultant in digital forensics, focusing on litigation support, incident response, and intellectual property investigations. After studying computer and digital forensics at Champlain College, he joined a firm leading the field of digital forensics and investigations. In his downtime, Chapin enjoys working on side projects, hiking, and skiing if the weather permits. As a member of multiple ongoing research and development projects, he has authored several articles in professional and academic publications.

Table of Contents

- Working with System File Info
- A Deep Dive into Mobile Forensics
- Extracting Embedded Metadata
- Exploring Networking and Indicators of Compromise
- Reading Emails and Taking Names
- Forensic Evidence
- Log Based Artifacts
- Exploring Windows Forensic Artifact
- Exploring Windows Forensic Artifact
- Creating Artifact Report

2 thoughts on “Python Digital Forensics Cookbook: Effective Python recipes for digital investigations”

  1. Laanders says:

    I just bought this book. I am not a developer, I need to use Python scripts for computer forensics analysis. I need to extract data from the Windows.edb file. In this book there is a chapter that helped me to extract this data and to create an export in CSV format. The other chapters of this book will help me to create Python scripts. The explanations are clear, well detailed. What I like about this book is that the authors offer us other possibilities to improve Python scripts.

  2. Jose Julio Santana says:

    A very didactic book