Index
Cover Page Hacking Exposed™ Computer Forensics Second Edition Reviews Copyright Page Contents Acknowledgments Introduction Part I Preparing for an Incident
Case Study: Lab Preparations
Cashing Out Preparing for a Forensics Operation
1 The Forensics Process
Types of Investigations The Role of the Investigator Elements of a Good Process
Cross-validation Proper Evidence Handling Completeness of Investigation Management of Archives Technical Competency Explicit Definition and Justification for the Process Legal Compliance Flexibility
Defining a Process
Identification Collection and Preservation Analysis Production and Presentation
After the Investigation
2 Computer Fundamentals
The Bottom-up View of a Computer
It’s All Just 1s and 0s Learning from the Past: Giving Computers Memory Basic Input and Output System (BIOS) The Operating System The Applications
Types of Media
Magnetic Media Optical Media Memory Technologies
3 Forensic Lab Environment Preparation
The Ultimate Computer Forensic Lab
What Is a Computer Forensic Laboratory? Forensic Lab Security Protecting the Forensic Lab
Forensic Computers
Components of a Forensic Host Commercially Available Hardware Systems Do-It-Yourself Hardware Systems Data Storage
Forensic Hardware and Software Tools
Using Hardware Tools Using Software Tools
The Flyaway Kit Case Management Bonus: Linux or Windows?
Part II Collecting the Evidence
Case Study: The Collections Agency
Preparations Revelations Collecting Evidence
4 Forensically Sound Evidence Collection
Collecting Evidence from a Single System
Step 1: Power Down the Suspect System Step 2: Remove the Drive(s) from the Suspect System Step 3: Check for Other Media Step 4: Record BIOS Information Step 5: Forensically Image the Drive Step 6: Record Cryptographic Hashes Step 7: Bag and Tag Move Forward
Common Mistakes in Evidence Collection
5 Remote Investigations and Collections
Privacy Issues Remote Investigations
Remote Investigation Tools
Remote Collections
Remote Collection Tools The Data Is Changing Policies and Procedures
Encrypted Volumes or Drives USB Thumb Drives
Part III Forensic Investigation Techniques
Case Study: Analyzing the Data
Digging for Clues We’re Not Done. Yet Finally
6 Microsoft Windows Systems Analysis
Windows File Systems
Master Boot Record FAT File System NTFS
Recovering Deleted Files
Limitations
Windows Artifacts
7 Linux Analysis
The Linux File System (ext2 and ext3)
ext2 Structure ext3/ext4 Structure Linux Swap
Linux Analysis
8 Macintosh Analysis
The Evolution of the Mac OS Looking at a Mac Disk or Image
The GUID Partition Table Partition Entry Array
Deleted Files
Recovering Deleted Files Concatenating Unallocated Space Scavenging for Unindexed Files and Pruned Nodes
A Closer Look at Macintosh Files
Archives Date and Time Stamps E-mail Graphics Web Browsing Resources Virtual Memory System Log and Other System Files
Mac as a Forensics Platform
9 Defeating Anti-forensic Techniques
Obscurity Methods Privacy Measures
Encryption The General Solution to Encryption Wiping
10 Enterprise Storage Analysis
The Enterprise Data Universe
Rebuilding RAIDs in EnCase Rebuilding RAIDs in Linux
Working with NAS Systems Working with SAN Systems Working with Tapes
Accessing Raw Tapes on Windows Accessing Raw Tapes on UNIX Commercial Tools for Accessing Tapes Collecting Live Data from Windows Systems
Full-Text Indexing Mail Servers
11 E-mail Analysis
Finding E-mail Artifacts Converting E-mail Formats Obtaining Web-based E-mail (Webmail) from Online Sources Client-based E-mail Web-Based E-mail
Internet-Hosted Mail
Investigating E-mail Headers
12 Tracking User Activity
Microsoft Office Forensics Tracking Web Usage
Internet Explorer Forensics Firefox/Mozilla Forensics
Operating System User Logs
UserAssist
13 Forensic Analysis of Mobile Devices
Collecting and Analyzing Mobile Device Evidence Password-protected Windows Devices Conclusion
Part IV Presenting Your Findings
Case Study: Wrapping Up the Case
He Said, She Said
14 Documenting the Investigation
Read Me Internal Report
Construction of an Internal Report
Declaration
Construction of a Declaration
Affidavit Expert Report
Construction of an Expert Report
15 The Justice System
The Criminal Court System The Civil Justice System
Phase One: Investigation Phase Two: Commencing Suit Phase Three: Discovery Phase Four: Trial
Expert Status
Expert Credentials Nontestifying Expert Consultant Testifying Expert Witness Court-Appointed Expert Expert Interaction with the Court
Part V Putting It All Together
Case Study: Now What?
Mr. Blink Becomes an Investigator Time to Understand the Business Issues
16 IP Theft
What Is IP Theft? IP Theft Ramifications
Loss of Customers Loss of Competitive Advantage Monetary Loss
Types of Theft
Technology
Tying It Together
What Was Taken? Looking at Intent Estimating Damages Working with Higher-Ups Working with Outside Counsel
17 Employee Misconduct
What Is Employee Misconduct? Ramifications
Disruptive Work Environment Investigations by Authorities Lawsuits Against an Employer Monetary Loss
Types of Misconduct
Inappropriate Use of Corporate Resources Making Sense of It All Employment Discrimination/Harassment Violation of Non-compete/Non-solicitation Agreements
Tying It Together
What Is the Risk to the Company? Looking at Intent Estimating Damages Working with Higher-Ups Working with Outside Counsel
18 Employee Fraud
What Is Employee Fraud? Ramifications
Monetary Loss Investigations by Authorities Criminal Penalties and Civil Lawsuits
Types of Employee Fraud
Asset Misappropriation Corruption
Tying It Together
What Is the Story? Estimating Losses Working with Higher-Ups Working with Outside Counsel and Investigators
19 Corporate Fraud
What Is Corporate Fraud? Ramifications
Impact to Shareholders and the Public Regulatory Changes Investigations and Litigation
Types of Corporate Fraud
Accounting Fraud Securities Fraud
20 Organized Cyber Crime
The Changing Landscape of Hacking
The Russian Business Network Infrastructure and Bot-Nets The Russian-Estonian Conflict Effects on Western Companies
Types of Hacks and the Role of Computer Forensics
Bot/Remote Control Malware Traditional Hacks
Money Laundering
Anti-Money Laundering Software The Mechanics of Laundering The Role of Computer Forensics
21 Consumer Fraud
What Is Consumer Fraud? Ramifications
Impact to Consumers and the Public Regulatory Environment Investigations and Litigation
Types of Consumer Fraud
Identity Theft Investment Fraud Mortgage Fraud
Tying It Together
A Searching Techniques
Regular Expressions
Theory and History The Building Blocks Constructing Regular Expressions
Index
