Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology
By Chet Hosmer
About this ebook
Python Forensics provides many never-before-published proven forensic modules, libraries, and solutions that can be used right out of the box. In addition, detailed instruction and documentation provided with the code samples will allow even novice Python programmers to add their own unique twists or use the models presented to build new solutions.
Rapid development of new cybercrime investigation tools is an essential ingredient in virtually every case and environment. Whether you are performing post-mortem investigation, executing live triage, extracting evidence from mobile devices or cloud services, or you are collecting and processing evidence from a network, Python forensic implementations can fill in the gaps.
Drawing upon years of practical experience and using numerous examples and illustrative code samples, author Chet Hosmer discusses how to:
- Develop new forensic solutions independent of large vendor software release schedules
- Participate in an open-source workbench that facilitates direct involvement in the design and implementation of new methods that augment or replace existing tools
- Advance your career by creating new solutions along with the construction of cutting-edge automation solutions to solve old problems
The book:
- Provides hands-on tools, code samples, and detailed instruction and documentation that can be put to use immediately
- Discusses how to create a Python forensics workbench
- Covers effective forensic searching and indexing using Python
- Shows how to use Python to examine mobile device operating systems: iOS, Android, and Windows 8
- Presents complete coverage of how to use Python scripts for network investigation
Chet Hosmer
Chet Hosmer serves as an Assistant Professor of Practice at the University of Arizona in the Cyber Operations program, where he is teaching and researching the application of Python and Machine Learning to advanced cybersecurity challenges. Chet is also the founder of Python Forensics, Inc., a non-profit organization focused on the collaborative development of open-source investigative technologies using Python and other popular scripting languages. Chet has made numerous appearances to discuss emerging cyber threats, including on NPR, ABC News, Forbes, IEEE, The New York Times, The Washington Post, Government Computer News, Salon.com, and Wired Magazine. He has 7 published books with Elsevier and Apress that focus on data hiding, passive network defense strategies, Python Forensics, PowerShell, and IoT.
Preface
Over the past 20 years I have had the privilege to work with some of the best, brightest, and most dedicated forensic investigators throughout the world. These men and women work tirelessly to find the truth, usually working under less than ideal conditions and under the stress of real deadlines. Whether they are tracking down child predators, criminal organizations, terrorists, or just good old-fashioned criminals trying to steal your money, these investigators are under the gun and need the best of the best at their fingertips.
I communicate regularly with industry leaders developing the latest forensic products, while evolving their current software baseline to meet the needs of the broadest audience possible. I also communicate with customers trying to solve real-world problems that require immediate answers to hard questions, while the volume of data holding the answer gets larger by the second.
As a scientist and teacher, I see a thirst from students, law enforcement personnel, and information technology professionals who possess a burning desire, unique investigative skills, an understanding of the problem, and most importantly innovative ideas pertaining to the problems at hand. However, in many cases they lack the core computer science skills necessary to make a direct contribution to the cause.
The Python programming language along with the global environment that supports it offers a path for new innovation. Most importantly the language opens the door for broad inclusion and participation of free tools and technology that can revolutionize the collection, processing, analysis, and reasoning surrounding forensic evidence. This book provides a broad set of examples that are accessible by those with zero or little knowledge of programming, as well as those with solid developer skills that want to explore, jump start, and participate in the expanded use of Python in the forensic domain. I encourage you to participate, share your knowledge, apply your enthusiasm, and help us advance this cause.
Intended audience
I have written the book to be accessible by anyone who has a desire to learn how to leverage the Python language for forensic and digital investigation problems. I always thought of this as an on-ramp and a beginning that I hope will inspire you to create something great and share it with the world.
Prerequisites
Access to a computer, familiarity with an operating system (Windows, Linux, or Mac) and access to the Internet, coupled with a desire to learn.
Reading this book
The book is organized with the first two chapters focused on introductory material and setting up the free Python development environment. Chapters 3 through 11 focus on differing problems or challenges within digital investigation, and provide guided solutions along with reference implementations that focus on the core issues presented. I encourage you to use, expand, evolve, and improve the solutions provided. Finally, Chapter 12 looks back and then forward to consider the path ahead.
Supported platforms
All the examples in the book are written in Python 2.7.x in order to provide the greatest platform compatibility. The associated web site has solutions for both Python 2.7.x and 3.x whenever possible. As more third party libraries complete support for Python 3.x, all the examples will be available for 2.7.x and 3.x. Most of the examples have been tested on Windows, Linux, and Mac operating systems and will most likely work correctly on other environments that fully support at least Python