OS X Incident Response: Scripting and Analysis
暫譯: OS X 事件回應:腳本編寫與分析
Jaron Bradley
- 出版商: Syngress Media
- 出版日期: 2016-05-06
- 售價: $2,180
- 貴賓價: 9.5 折 $2,071
- 語言: 英文
- 頁數: 270
- 裝訂: Paperback
- ISBN: 012804456X
- ISBN-13: 9780128044568
-
相關分類:
Linux
立即出貨
買這商品的人也買了...
-
從車庫的舊 PC 到百萬台伺服器-巨型網站成長從無到無限大,技術架構大揭祕-最棒的「秒殺」網站設計實例$480$408 -
實戰網路安全監控|入侵偵測與因應之道 (The Practice of Network Security Monitoring: Understanding Incident Detection and Response)$490$387 -
職業駭客的告白 : 軟體反組譯、木馬病毒與入侵翻牆竊密$620$484 -
Python 3 物件導向程式設計, 2/e$480$379 -
Hacking Wireless Access Points: Cracking, Tracking, and Signal Jacking(paperback)$1,750$1,663 -
特洛伊木馬病毒程式設計:使用 Python$520$406 -
Working Effectively with Legacy Code : 管理、修改、重構遺留程式碼的藝術 (中文版)$720$562 -
The Modern Security Operations Center (Paperback)$2,200$2,156 -
$534九陰真經 iOS黑客攻防秘籍 -
$469內網安全攻防 : 滲透測試實戰指南 -
$477Rust 權威指南 (The Rust Programming Language (Covers Rust 2018)) -
再強一點:用 Go語言完成六個大型專案$780$616 -
Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on guide to threat hunting with the ATT&CK(TM) Framework and open source tools (Paperback)$1,650$1,568 -
$1,400Network Programming with Go: Learn to Code Secure and Reliable Network Services from Scratch -
黑帽 Python|給駭客與滲透測試者的 Python 開發指南, 2/e (Black Hat Python : Python Programming for Hackers and Pentesters, 2/e)$450$356 -
Spring REST API 開發與測試指南|使用 Swagger、HATEOAS、JUnit、Mockito、PowerMock、Spring Test$580$493 -
Learn Enough JavaScript to Be Dangerous: A Tutorial Introduction to Programming with JavaScript$1,580$1,501 -
Linux 網路內功修煉 - 徹底了解底層原理及高性能架構$780$663 -
演算法生存指南(書況差限門市銷售)$800$632 -
Learn Enough Python to Be Dangerous: Software Development, Flask Web Apps, and Beginning Data Science with Python (Paperback)$1,580$1,548 -
一本精通 - Python 範例應用大全:Python 詳細語法教學 & 100+ 個 Python 範例$880$695 -
讓 AI 好好說話!從頭打造 LLM (大型語言模型) 實戰秘笈$680$537 -
日式 RPG 編年史:從 DQ 到 FF,角色扮演遊戲敘事手法完全剖析$380$300 -
軟體工程師的英語使用守則:English for Developers$420$357 -
內行人才知道的系統設計面試指南 第二輯 (System Design Interview – An Insider's Guide: Volume 2)$820$648
相關主題
商品描述
OS X Incident Response: Scripting and Analysis is written for analysts who are looking to expand their understanding of a lesser-known operating system. By mastering the forensic artifacts of OS X, analysts will set themselves apart by acquiring an up-and-coming skillset.
Digital forensics is a critical art and science. While forensics is commonly thought of as a function of a legal investigation, the same tactics and techniques used for those investigations are also important in a response to an incident. Digital evidence is not only critical in the course of investigating many crimes but businesses are recognizing the importance of having skilled forensic investigators on staff in the case of policy violations.
Perhaps more importantly, though, businesses are seeing enormous impact from malware outbreaks as well as data breaches. The skills of a forensic investigator are critical to determine the source of the attack as well as the impact. While there is a lot of focus on Windows because it is the predominant desktop operating system, there are currently very few resources available for forensic investigators on how to investigate attacks, gather evidence and respond to incidents involving OS X. The number of Macs on enterprise networks is rapidly increasing, especially with the growing prevalence of BYOD, including iPads and iPhones.
Author Jaron Bradley covers a wide variety of topics, including both the collection and analysis of the forensic pieces found on the OS. Instead of using expensive commercial tools that clone the hard drive, you will learn how to write your own Python and bash-based response scripts. These scripts and methodologies can be used to collect and analyze volatile data immediately.
For online source codes, please visit:
https://github.com/jbradley89/osx_incident_response_scripting_and_analysis
- Focuses exclusively on OS X attacks, incident response, and forensics
- Provides the technical details of OS X so you can find artifacts that might be missed using automated tools
- Describes how to write your own Python and bash-based response scripts, which can be used to collect and analyze volatile data immediately
- Covers OS X incident response in complete technical detail, including file system, system startup and scheduling, password dumping, memory, volatile data, logs, browser history, and exfiltration
商品描述(中文翻譯)
《OS X 事件回應:腳本與分析》是為那些希望擴展對較不知名作業系統理解的分析師所撰寫。透過掌握 OS X 的取證文物,分析師將透過獲得一項新興技能而脫穎而出。
數位取證是一門關鍵的藝術與科學。雖然取證通常被認為是法律調查的一個功能,但在事件回應中,所使用的相同策略和技術也同樣重要。數位證據在調查許多犯罪過程中至關重要,企業也意識到在政策違規的情況下擁有熟練的取證調查員的重要性。
然而,更重要的是,企業正在看到惡意軟體爆發和數據洩露帶來的巨大影響。取證調查員的技能對於確定攻擊來源及其影響至關重要。儘管目前對於 Windows 的關注度很高,因為它是主要的桌面作業系統,但目前針對如何調查 OS X 的攻擊、收集證據和回應事件的資源卻非常有限。隨著 BYOD(自帶設備)的普及,包括 iPad 和 iPhone,企業網路上的 Mac 數量正在迅速增加。
作者 Jaron Bradley 涵蓋了各種主題,包括在作業系統上找到的取證資料的收集和分析。您將學習如何編寫自己的基於 Python 和 bash 的回應腳本,而不是使用昂貴的商業工具來克隆硬碟。這些腳本和方法可以用來立即收集和分析易失性數據。
有關線上源代碼,請訪問:
https://github.com/jbradley89/osx_incident_response_scripting_and_analysis
- 專注於 OS X 攻擊、事件回應和取證
- 提供 OS X 的技術細節,以便您找到可能被自動化工具忽略的文物
- 描述如何編寫自己的基於 Python 和 bash 的回應腳本,這些腳本可以用來立即收集和分析易失性數據
- 完整技術細節涵蓋 OS X 事件回應,包括檔案系統、系統啟動與排程、密碼轉儲、記憶體、易失性數據、日誌、瀏覽器歷史和數據外洩
