Windows Forensics Cookbook

Key Features

• Prepare and perform investigations using powerful tools for Windows,
• Collect and validate evidence from suspect networks and computers and uncover clues that are otherwise difficult
• Packed with powerful recipes to perform highly effective field investigations

Book Description

This book covers recipes to overcome these challenges and carry out effective investigations easily on a Windows platform. You will begin with a refresher to Digital Forensics and Evidence Acquisition, which will help you to understand the challenges faced while acquiring evidence from Windows systems. Next you will learn to acquire Windows memory and and analyze Windows systems with modern forensic tools. The book will also cover more in-depth elements of forensic analysis, such as how to analyse data from Windows system artifacts, parsing data from the most commonly-used web browsers and email services, and effective reporting in digital forensic investigations.

You will get to know how Windows 10 is different from previous versions and how you can overcome the specific challenges it brings. Finally, you will learn to troubleshoot issues that arise while performing digital forensic investigations.

By the end of the book, you will be able to carry forensics investigations efficiently.

What you will learn

• Understand Challenges of Acquiring Evidence from Windows Systems and overcome them
• Acquire and analyze Windows Memory and Drive with modern forensic tools.
• Extract and analyze data from Windows file systems, shadow copies and the registry
• Understand the main Windows system artifacts and how to parse data from them using forensic tools
• Forensic analysis of common web browsers, mailboxes and instant messenger services
• How Windows 10 differs from previous versions and how to overcome the specific challenges it presents
• Create a graphical timeline and visualize data, which can then be incorporated into the final report
• Troubleshoot issues that arise while performing Windows forensics