Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Python Digital Forensics Cookbook
Title Page
Copyright
Python Digital Forensics Cookbook
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Why subscribe?
Customer Feedback
Dedication
Table of Contents
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Getting ready
How to do it…
How it works…
There's more…
See also
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
Essential Scripting and File Information Recipes
Introduction
Handling arguments like an adult
Getting started
How to do it…
How it works…
There's more…
Iterating over loose files
Getting started
How to do it…
How it works…
There's more…
Recording file attributes
Getting started
How to do it…
How it works…
There's more…
Copying files, attributes, and timestamps
Getting started
How to do it…
How it works…
There's more…
Hashing files and data streams
Getting started
How to do it…
How it works…
There's more…
Keeping track with a progress bar
Getting started
How to do it…
How it works…
There's more…
Logging results
Getting started
How to do it…
How it works…
There’s more…
Multiple hands make light work
Getting started
How to do it…
How it works…
There's more…
Creating Artifact Report Recipes
Introduction
Using HTML templates
Getting started
How to do it...
How it works...
There's more...
Creating a paper trail
Getting started
How to do it...
How it works...
There's more...
Working with CSVs
Getting started
How to do it...
How it works...
There's more...
Visualizing events with Excel
Getting started
How to do it...
How it works...
Auditing your work
Getting started
How to do it...
How it works...
There's more...
A Deep Dive into Mobile Forensic Recipes
Introduction
Parsing PLIST files
Getting started
How to do it...
How it works...
There's more…
Handling SQLite databases
Getting started
How to do it...
How it works...
Identifying gaps in SQLite databases
Getting started
How to do it...
How it works...
See also
Processing iTunes backups
Getting started
How to do it...
How it works...
There's more...
Putting Wi-Fi on the map
Getting started
How to do it...
How it works...
Digging deep to recover messages
Getting started
How to do it...
How it works...
There's more…
Extracting Embedded Metadata Recipes
Introduction
Extracting audio and video metadata
Getting started
How to do it...
How it works...
There's more...
The big picture
Getting started
How to do it...
How it works...
There's more...
Mining for PDF metadata
Getting started
How to do it...
How it works...
There's more...
Reviewing executable metadata
Getting started
How to do it...
How it works...
There's more...
Reading office document metadata
Getting started
How to do it...
How it works...
Integrating our metadata extractor with EnCase
Getting started
How to do it...
How it works...
There's more...
Networking and Indicators of Compromise Recipes
Introduction
Getting a jump start with IEF
Getting started
How to do it...
How it works...
Coming into contact with IEF
Getting started
How to do it...
How it works...
Beautiful Soup
Getting started
How to do it...
How it works...
There's more...
Going hunting for viruses
Getting started
How to do it...
How it works...
Gathering intel
Getting started
How to do it...
How it works...
Totally passive
Getting started
How to do it...
How it works...
Reading Emails and Taking Names Recipes
Introduction
Parsing EML files
Getting started
How to do it...
How it works...
Viewing MSG files
Getting started
How to do it...
How it works...
There’s more...
See also
Ordering Takeout
Getting started
How to do it...
How it works...
There’s more...
What’s in the box?!
Getting started
How to do it...
How it works...
Parsing PST and OST mailboxes
Getting started
How to do it...
How it works...
There’s more...
See also
Log-Based Artifact Recipes
Introduction
About time
Getting started
How to do it...
How it works...
There's more...
Parsing IIS web logs with RegEx
Getting started
How to do it...
How it works...
There's more...
Going spelunking
Getting started
How to do it...
How it works...
There's more...
Interpreting the daily.out log
Getting started
How to do it...
How it works...
Adding daily.out parsing to Axiom
Getting started
How to do it...
How it works...
Scanning for indicators with YARA
Getting started
How to do it...
How it works...
Working with Forensic Evidence Container Recipes
Introduction
Opening acquisitions
Getting started
How to do it...
How it works...
Gathering acquisition and media information
Getting started
How to do it...
How it works...
Iterating through files
Getting started
How to do it...
How it works...
There's more...
Processing files within the container
Getting started
How to do it...
How it works...
Searching for hashes
Getting started
How to do it...
How it works...
There's more...
Exploring Windows Forensic Artifacts Recipes - Part I
Introduction
One man's trash is a forensic examiner's treasure
Getting started
How to do it...
How it works...
A sticky situation
Getting started
How to do it...
How it works...
Reading the registry
Getting started
How to do it...
How it works...
There's more...
Gathering user activity
Getting started
How to do it...
How it works...
There's more...
The missing link
Getting started
How to do it...
How it works...
There's more...
Searching high and low
Getting started
How to do it...
How it works...
There's more...
Exploring Windows Forensic Artifacts Recipes - Part II
Introduction
Parsing prefetch files
Getting started
How to do it...
How it works...
There's more...
A series of fortunate events
Getting started
How to do it...
How it works...
There's more...
Indexing internet history
Getting started
How to do it...
How it works...
There's more...
Shadow of a former self
Getting started
How to do it...
How it works...
There's more...
Dissecting the SRUM database
Getting started
How to do it...
How it works...
There's more...
Conclusion
← Prev
Back
Next →
← Prev
Back
Next →