»
Windows Registry Forensics
 
 

Windows Registry Forensics, 2nd Edition

Advanced Digital Forensic Analysis of the Windows Registry

 
Windows Registry Forensics, 2nd Edition,Harlan Carvey,ISBN9780128032916
 
 
Up to
15%
off
 

  

Syngress

9780128032916

9780128033357

216

235 X 191

The second edition of this go-to reference provides readers with the information, tools, and processes needed to find and analyze forensic evidence using Windows Registry. Tools and techniques for post mortem analysis are discussed at length to take users beyond the current use of viewers and into real analysis of data contained in the Registry.

Print Book + eBook

USD 83.94
USD 139.90

Buy both together and save 40%

Add to Cart
Select format

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 59.46
USD 69.95

eBook
eBook Overview

PDF format

USD 69.95
Add to Cart
 
 

Key Features

  • Named a Best Digital Forensics Book by InfoSec Reviews
  • Packed with real-world examples using freely available open source tools
  • Provides a deep explanation and understanding of the Windows Registry—perhaps the least understood and employed source of information within Windows systems
  • Includes a companion website that contains the code and author-created tools discussed in the book
  • Features updated, current tools and techniques
  • Contains completely updated content throughout, with all new coverage of the latest versions of Windows

Description

Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, Second Edition, provides the most in-depth guide to forensic investigations involving Windows Registry. This book is one-of-a-kind, giving the background of the Registry to help users develop an understanding of the structure of registry hive files, as well as information stored within keys and values that can have a significant impact on forensic investigations. Tools and techniques for post mortem analysis are discussed at length to take users beyond the current use of viewers and into real analysis of data contained in the Registry. This second edition continues a ground-up approach to understanding so that the treasure trove of the Registry can be mined on a regular and continuing basis.

Readership

Information Security professionals at all levels, digital forensic examiners and investigators, InfoSec consultants, attorneys, law enforcement officers. Also useful to forensic training vendors, government training courses, universities, and high-tech crime associations.

Harlan Carvey

Harlan Carvey is a senior information security researcher with the Dell SecureWorks Counter Threat Unit - Special Ops (CTU-SO) team, where his efforts are focused on targeted threat hunting, response, and research. He continues to maintain a passion and focus in analyzing Windows systems, and in particular, the Windows Registry. Harlan is an accomplished author, public speaker, and open source tool author. He dabbles in other activities, including home brewing and horseback riding. As a result, he has become quite adept at backing up and parking a horse trailer. Harlan earned a bachelor’s degree in electrical engineering from the Virginia Military Institute, and a master’s degree in the same discipline from the Naval Postgraduate School. He served in the United States Marine Corps, achieving the rank of captain before departing the service. He resides in Northern Virginia with his family.

Affiliations and Expertise

DFIR analyst, presenter, and open-source tool author

View additional works by Harlan Carvey

Windows Registry Forensics, 2nd Edition

  • Dedication
  • About the Author
  • About the Technical Editor
  • Preface
  • Acknowledgments
  • 1. Registry Analysis
    • Introduction
    • Core Analysis Concepts
    • What Is the Windows Registry?
    • Registry Structure
    • Summary
  • 2. Processes and Tools
    • Introduction
    • Forensic Analysis
    • Summary
  • 3. Analyzing the System Hives
    • Introduction
    • Artifact Categories
    • Security Hive
    • SAM Hive
    • System Hive
    • Software Hive
    • AmCache Hive
    • Summary
  • 4. Case Studies: User Hives
    • Introduction
    • NTUSER.DAT
    • USRCLASS.DAT
    • Summary
  • 5. RegRipper
    • Introduction
    • What Is RegRipper?
    • Getting the Most Out of RegRipper
    • Summary
  • Index
 
 
Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us