Learning Python for Forensics

More Information
Learn
  • Discover how to perform Python script development
  • Update yourself by learning the best practices in forensic programming
  • Build scripts through an iterative design
  • Explore the rapid development of specialized scripts
  • Understand how to leverage forensic libraries developed by the community
  • Design flexibly to accommodate present and future hurdles
  • Conduct effective and efficient investigations through programmatic pre-analysis
  • Discover how to transform raw data into customized reports and visualizations
About

This book will illustrate how and why you should learn Python to strengthen your analysis skills and efficiency as you creatively solve real-world problems through instruction-based tutorials. The tutorials use an interactive design, giving you experience of the development process so you gain a better understanding of what it means to be a forensic developer.

Each chapter walks you through a forensic artifact and one or more methods to analyze the evidence. It also provides reasons why one method may be advantageous over another. We cover common digital forensics and incident response scenarios, with scripts that can be used to tackle case work in the field. Using built-in and community-sourced libraries, you will improve your problem solving skills with the addition of the Python scripting language. In addition, we provide resources for further exploration of each script so you can understand what further purposes Python can serve. With this knowledge, you can rapidly develop and deploy solutions to identify critical information and fine-tune your skill set as an examiner.

Features
  • This practical guide will help you solve forensic dilemmas through the development of Python scripts
  • Analyze Python scripts to extract metadata and investigate forensic artifacts
  • Master the skills of parsing complex data structures by taking advantage of Python libraries
Page Count 488
Course Length 14 hours 38 minutes
ISBN 9781783285235
Date Of Publication 30 May 2016

Authors

Preston Miller

Preston Miller is a consultant at an internationally recognized risk management firm. Preston holds an undergraduate degree from Vassar College and a master's degree in digital forensics from Marshall University. While at Marshall, Preston unanimously received the prestigious J. Edgar Hoover Foundation's scientific scholarship. Preston is a published author, recently of Python Digital Forensics Cookbook, which won the Forensic 4:cast Digital Forensics Book of the Year award in 2018. Preston is a member of the GIAC advisory board and holds multiple industry-recognized certifications in his field.

Chapin Bryce

Chapin Bryce is a senior consultant at a global firm that is a leader in digital forensics and incident response investigations. After graduating from Champlain College, with a bachelor's degree in computer and digital forensics, Chapin dove into the field of digital forensics and incident response joining the GIAC advisory board and earning four GIAC certifications: GCIH, GCFE, GCFA, and GNFA. As a member of multiple ongoing research and development projects, he has authored several books and articles in professional and academic publications, including Python Digital Forensics Cookbook (2018 Digital Forensics Book of the Year, Forensic 4Cast), Learning Python for Forensics First Edition, and Digital Forensic Magazine.