Synopsis
Harlan Carvey brings readers an advanced book on the Windows Registry. The first book of its kind EVER -- Windows Registry Forensics provides the background of the Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included, and tools and techniques for postmortem analysis are discussed at length. Tools and techniques will be presented that take the analyst beyond the current use of viewers and into real analysis of data contained in the Registry.
- Packed with real-world examples using freely available open source tools
- Deep explanation and understanding of the Windows Registry - the most difficult part of Windows to analyze forensically
- Includes a CD containing code and author-created tools discussed in the book
Table of Contents
Front cover 1
Windows Registry Forensics 4
Copyright page 5
Dedication 6
Table of Contents 8
Preface 10
Acknowledgments 16
About the Author 18
Chapter 1. Registry Analysis 20
Introduction 20
What Is “Registry Analysis”? 22
What Is the Windows Registry? 33
Registry Structure 42
Summary 51
Frequently Asked Questions 51
References 52
Chapter 2. Tools 54
Introduction 54
Live Analysis 55
Summary 99
Frequently Asked Questions 100
References 101
Chapter 3. Case Studies: The System 104
Introduction 104
Security and SAM Hives 105
System Hive 121
Software Hive 143
BCD Hive 169
Summary 171
Frequently Asked Questions 172
References 174
Chapter 4. Case Studies: Tracking User Activity 178
Introduction 178
Tracking User Activity 180
Scenarios 214
Summary 220
References 220
Index 222