Windows Registry Forensics

Windows Registry Forensics
ISBN: 9781597495806
Pages: 248
Trim: 7.5 in x 9.25 in
Publication Date: Jan 2011

Windows Registry Forensics

By Harlan Carvey


Harlan Carvey brings readers an advanced book on Windows Registry - the most difficult part of Windows to analyze in forensics! Windows Registry Forensics provides the background of the Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included and tools and techniques for post-mortem analysis are discussed at length. Tools and techniques will be presented that take the analyst beyond the current use of viewers and into real analysis of data contained in the Registry. This book also has a  DVD containing tools, instructions and videos.

  • Packed with real-world examples using freely available tools
  • Deep explanation and understanding of the Windows Registry - the most misunderstood files
  • Author Harlan Carvey brings his expert knowledge and tools into one book

About the Authors

Harlan Carvey
Internationally renowned Forensic Analyst


  • Chapter 1 Registry Analysis
    Chapter 2 Tools
    Chapter 3 Case Studies: The System
    Chapter 4 Case Studies: Tracking User Activity

0 意見: