
Windows Registry Forensics
Advanced Digital Forensic Analysis of the Windows Registry
Harlan Carvey (Author)
Syngress (Publisher)
2nd Edition
Published on 31 March 2016
Book
Paperback/Softback
216 pages
978-0-12-803291-6 (ISBN)
Description
Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, Second Edition, provides the most in-depth guide to forensic investigations involving the Windows Registry. This book is one-of-a-kind, giving the background of the Registry to help users develop an understanding of the structure of registry hive files, as well as information stored within keys and values that can have a significant impact on forensic investigations. Tools and techniques for post mortem analysis are discussed at length to take users beyond the current use of viewers and into real analysis of data contained in the Registry. This second edition continues a ground-up approach to understanding so that the treasure trove of the Registry can be mined on a regular and continuing basis.
More details
Edition
2nd edition
Language
English
Place of publication
Rockland, MA
United States
Target group
Professional and scholarly
Product notice
Paperback (trade)
Illustrations
31 illustrations (16 in full color)
Dimensions
Height: 233 mm
Width: 189 mm
Thickness: 15 mm
Weight
467 gr
ISBN-13
978-0-12-803291-6 (9780128032916)
Other editions

E-Book
03/2016
2nd Edition
Syngress
€50.95
Available for download
Previous edition

Book
03/2011
Syngress
€79.41
Out of stock; check for reprint
Person
Mr. Carvey is a digital forensics and incident response analyst with past experience in vulnerability assessments, as well as some limited pen testing. He conducts research into digital forensic analysis of Windows systems, identifying and parsing various digital artifacts from those systems, and has developed several innovative tools and investigative processes specific to the digital forensics analysis field. He is the developer of RegRipper, a widely used tool for Windows Registry parsing and analysis. Mr. Carvey has developed and taught several courses, including Windows Forensics, Registry, and Timeline Analysis.
Content
1. Registry Analysis
2. Processes and Tools
3. Case Studies: The System
4. Case Studies: Tracking User Activity
5. RegRipper