Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry (Paperback)

Harlan Carvey

  • 出版商: Syngress Media
  • 出版日期: 2011-02-07
  • 定價: $2,276
  • 售價: 6.0$1,366
  • 語言: 英文
  • 頁數: 248
  • 裝訂: Paperback
  • ISBN: 1597495808
  • ISBN-13: 9781597495806
  • 相關分類: 地理資訊系統 Gis
  • 立即出貨(限量) (庫存=2)

買這商品的人也買了...

商品描述

Harlan Carvey brings readers an advanced book on Windows Registry - the most difficult part of Windows to analyze in forensics! Windows Registry Forensics provides the background of the Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included and tools and techniques for post-mortem analysis are discussed at length. Tools and techniques will be presented that take the analyst beyond the current use of viewers and into real analysis of data contained in the Registry. This book also has a  DVD containing tools, instructions and videos.

  • Packed with real-world examples using freely available tools
  • Deep explanation and understanding of the Windows Registry - the most misunderstood
  • Includes a DVD containing code and author-created tools discussed in the book

商品描述(中文翻譯)

Harlan Carvey為讀者帶來了一本關於Windows註冊表的高級書籍 - 這是Windows中最難以進行法醫分析的部分!《Windows註冊表法醫學》提供了註冊表的背景,以幫助讀者理解註冊表蜂巢文件的二進制結構。書中包含了實時響應和分析的方法,並詳細討論了事後分析的工具和技術。書中將介紹一些超越目前僅使用查看器的工具和技術,以進行註冊表中數據的真實分析。此書還附有一個DVD,其中包含了在書中討論的代碼和作者創建的工具,以及相關指令和視頻。

該書充滿了使用免費工具的真實案例
深入解釋和理解Windows註冊表 - 這是最容易被誤解的部分
包含一個DVD,其中包含了書中討論的代碼和作者創建的工具