Here's a few of the books I went back to time and again:Brian Carrier - File System Forensic Analysis - The core book for any forensic library. Explains the computer file system at a low-level, which gives you a huge insight into the file system at the hex/binary level.
Venema & Farmer - Forensic Discovery - a great beginning overview of computer forensics.
Jones, Betjlich, Rose - Real Digital Forensics - Another great all rounder book. Has a great section on analysing unknown programs (stack analysis etc)
Harlan Carvey - Windows Forensics and Incident Recovery - focuses on Windows forensics (duh). Really points out what to look for on a Windows system during an examination. Great section on perl for Windows - the forensicator's language of choice
Altheide, Carvey - Digital Forensics with Open Source Tools - does what it says on the tin. If you haven't shelled out for EnCase/FTK, this provides you with the alternative tools to do the job (it also doesn't hurt to have alternatives anyway!)
Eoghan Casey - Handbook of Digital Forensics and Investigation - Gives a good introduction to Windows, Linux and Mac forensics, as well as mobile forensics. Good section on methodology as well.
Specifically looking at mobile forensics, there's:
Andrew Hoog - Android Forensics
Hoog, Strzempka - iPhone and iOS Forensics
Jonathon Zdziarski - iPhone Forensics
There's also a wealth of information on the authors' blogs - much of it updating/improving on material in the books. But as athulin says, there's no "catch all" book - many of the ones above offer a broad overview, but if you want to focus on a subject, you're probably better off going online and reading white papers, blogs etc to get the more specific information.
_________________
Forensics blog - www.jhannon.co.uk
Twitter - @john_hannon?
Source: http://www.forensicfocus.com/Forums/viewtopic/p=6561971/
ramon sessions portland trail blazers nba trade blagojevich new mexico state kevin rose sessions
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.