Rating: 4 out of 5 stars
4/5
Ebook264 pages1 hour
Integrating Python with Leading Computer Forensics Platforms
By Chet Hosmer
Rating: 0 out of 5 stars
()
About this ebook
Integrating Python with Leading Computer Forensic Platforms takes a definitive look at how and why the integration of Python advances the field of digital forensics. In addition, the book includes practical, never seen Python examples that can be immediately put to use. Noted author Chet Hosmer demonstrates how to extend four key Forensic Platforms using Python, including EnCase by Guidance Software, MPE+ by AccessData, The Open Source Autopsy/SleuthKit by Brian Carrier and WetStone Technologies, and Live Acquisition and Triage Tool US-LATT. This book is for practitioners, forensic investigators, educators, students, private investigators, or anyone advancing digital forensics for investigating cybercrime.
Additionally, the open source availability of the examples allows for sharing and growth within the industry. This book is the first to provide details on how to directly integrate Python into key forensic platforms.
- Provides hands-on tools, code samples, detailed instruction, and documentation that can be immediately put to use
- Shows how to integrate Python with popular digital forensic platforms, including EnCase, MPE+, The Open Source Autopsy/SleuthKit, and US-LATT
- Presents complete coverage of how to use Open Source Python scripts to extend and modify popular digital forensic Platforms
Author
Chet Hosmer
Chet Hosmer serves as an Assistant Professor of Practice at the University of Arizona in the Cyber Operations program, where he is teaching and researching the application of Python and Machine Learning to advanced cybersecurity challenges. Chet is also the founder of Python Forensics, Inc. a non-profit organization focused on the collaborative development of open-source investigative technologies using Python and other popular scripting languages. Chet has made numerous appearances to discuss emerging cyber threats including NPR, ABC News, Forbes, IEEE, The New York Times, The Washington Post, Government Computer News, Salon.com, and Wired Magazine. He has 7 published books with Elsevier and Apress that focus on data hiding, passive network defense strategies, Python Forensics, PowerShell, and IoT.
Read more from Chet Hosmer
Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols Rating: 5 out of 5 stars5/5PowerShell and Python Together: Targeting Digital Investigations Rating: 0 out of 5 stars0 ratingsExecuting Windows Command Line Investigations: While Ensuring Evidentiary Integrity Rating: 0 out of 5 stars0 ratingsPython Passive Network Mapping: P2NMAP Rating: 4 out of 5 stars4/5Defending IoT Infrastructures with the Raspberry Pi: Monitoring and Detecting Nefarious Behavior in Real Time Rating: 0 out of 5 stars0 ratings
Related to Integrating Python with Leading Computer Forensics Platforms
Related ebooks
Effective Python Penetration Testing Rating: 0 out of 5 stars0 ratingsMastering Social Media Mining with Python Rating: 5 out of 5 stars5/5Mastering Python Forensics Rating: 4 out of 5 stars4/5OS X Incident Response: Scripting and Analysis Rating: 0 out of 5 stars0 ratingsCuckoo Malware Analysis Rating: 0 out of 5 stars0 ratingsBig Data Forensics – Learning Hadoop Investigations Rating: 0 out of 5 stars0 ratingsLearning Penetration Testing with Python Rating: 0 out of 5 stars0 ratingsSQL Injection Attacks and Defense Rating: 5 out of 5 stars5/5Getting Started with tmux Rating: 0 out of 5 stars0 ratingsMastering Python Networking Rating: 5 out of 5 stars5/5Python For Data Science Rating: 0 out of 5 stars0 ratingsPractical Windows Forensics Rating: 0 out of 5 stars0 ratingsDigital Triage Forensics: Processing the Digital Crime Scene Rating: 2 out of 5 stars2/5Client-Side Attacks and Defense Rating: 0 out of 5 stars0 ratingsWindows Malware Analysis Essentials Rating: 5 out of 5 stars5/5Python Web Penetration Testing Cookbook Rating: 0 out of 5 stars0 ratingsPenetration Tester's Open Source Toolkit Rating: 0 out of 5 stars0 ratingsLearn Python in 7 Days Rating: 0 out of 5 stars0 ratingsCybersafe For Humans: A Simple Guide to Keep You and Your Family Safe Online Rating: 0 out of 5 stars0 ratingsDigital Forensics A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsMastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks Rating: 0 out of 5 stars0 ratingsMoving To The Cloud: Developing Apps in the New World of Cloud Computing Rating: 3 out of 5 stars3/5Developer's Guide to Web Application Security Rating: 3 out of 5 stars3/5Java 9 with JShell Rating: 0 out of 5 stars0 ratingsLearning Python for Forensics Rating: 0 out of 5 stars0 ratingsBuilding a Pentesting Lab for Wireless Networks Rating: 0 out of 5 stars0 ratingsAdvances in Cyber Security: Technology, Operations, and Experiences Rating: 0 out of 5 stars0 ratingsThe Best Damn Cybercrime and Digital Forensics Book Period Rating: 3 out of 5 stars3/5Secure Your Network for Free Rating: 0 out of 5 stars0 ratings
Information Technology For You
Creating Online Courses with ChatGPT | A Step-by-Step Guide with Prompt Templates Rating: 4 out of 5 stars4/5Health Informatics: Practical Guide Rating: 0 out of 5 stars0 ratingsAWS Certified Cloud Practitioner: Study Guide with Practice Questions and Labs Rating: 5 out of 5 stars5/5Data Analytics for Beginners: Introduction to Data Analytics Rating: 4 out of 5 stars4/5A Practical Guide Wireshark Forensics Rating: 5 out of 5 stars5/5Agile for Non-Software Teams Rating: 5 out of 5 stars5/5How To Use Chatgpt: Using Chatgpt To Make Money Online Has Never Been This Simple Rating: 0 out of 5 stars0 ratingsComputer Science: A Concise Introduction Rating: 4 out of 5 stars4/5How to Write Effective Emails at Work Rating: 4 out of 5 stars4/5Data Governance For Dummies Rating: 0 out of 5 stars0 ratingsPractical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5Kafka Streams - Real-time Streams Processing Rating: 5 out of 5 stars5/5Hacking Essentials - The Beginner's Guide To Ethical Hacking And Penetration Testing Rating: 3 out of 5 stars3/5Google Cloud Platform an Architect's Guide Rating: 5 out of 5 stars5/5An Ultimate Guide to Kali Linux for Beginners Rating: 3 out of 5 stars3/5Inkscape Beginner’s Guide Rating: 5 out of 5 stars5/5COMPUTER SCIENCE FOR ROOKIES Rating: 0 out of 5 stars0 ratingsCompTIA A+ CertMike: Prepare. Practice. Pass the Test! Get Certified!: Core 1 Exam 220-1101 Rating: 0 out of 5 stars0 ratingsHandbook of Digital Forensics and Investigation Rating: 4 out of 5 stars4/5ChatGPT: The Future of Intelligent Conversation Rating: 4 out of 5 stars4/5Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry Rating: 4 out of 5 stars4/5The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy Rating: 4 out of 5 stars4/5The Certified Fintech Professional Rating: 5 out of 5 stars5/5A Civic Technologist's Practice Guide Rating: 0 out of 5 stars0 ratingsComputer Organization and Design: The Hardware / Software Interface Rating: 4 out of 5 stars4/5The iPadOS 17: The Complete User Manual to Quick Set Up and Mastering the iPadOS 17 with New Features, Pictures, Tips, and Tricks Rating: 0 out of 5 stars0 ratings
Related podcast episodes
Getting Started in Python Cybersecurity and Forensics 0% found this document useful48: A GUI for pytest: The story of how I discovered the current best GUI to run pytest. 0% found this document usefulRun Python in a Browser With Pyodide & The Power of f-Strings 0% found this document usefulComputational Thinking & Learning Python During an AI Revolution 0% found this document usefulCybersecurity and Hacking with Kevin Mitnick 0% found this document useful2: Pytest vs Unittest vs Nose: Choosing a test framework 0% found this document usefulEpisode 19 (Python for Data Science - Python Files - Scripts and Modules) 0% found this document usefulBonus: Afternoon Cyber Tea: IoT-Based Infrastructures 0% found this document useful#059 - 10 Python clean code tips drawn from code reviews 0% found this document usefulThe Rust Programming Language: with Steve Klabnik and Yehuda Katz 0% found this document usefulUnraveling Python's Syntax to Its Core With Brett Cannon 100% found this document usefulTCP & UDP: with Adam Woodbeck 0% found this document usefulMobile Forensics 0% found this document usefulGenerators, Coroutines, and Learning Python Through Exercises 0% found this document useful
Related articles
Your First Code Essential Apple User MagazineArticle
Your First Code
Jul 31, 2019
1 min readLint Hub Linux FormatArticle
Lint Hub
Jul 27, 2021
Pylint – a comprehensive linter that focuses on standards compliance and error detection. It’s likely built into your favourite IDE. Pycodestyle (formerly known as PEP8) – focuses on validating code formatting PEPs, has some overlap with Pylint. Pyfl
1 min readCommon Errors Linux FormatArticle
Common Errors
Aug 27, 2019
If you receive a ‘Script not found’ error, this probably means that you don’t have the mod scripts installed in your Minecraft directory. Check that you’ve replaced .minecraft with the one from McPiFoMo; this should include mcpipy, which will be full
1 min readWi-Fi Networks Vulnerable To New FragAttacks Linux FormatArticle
Wi-Fi Networks Vulnerable To New FragAttacks
Jun 29, 2021
1 min readHello World Of Raspberry Pi Linux FormatArticle
Hello World Of Raspberry Pi
Oct 19, 2021
Ellora James is a fourth-year student who’s taking a university degree course on ethical hacking. I was first introduced to the Raspberry Pi back in high school, and I’ve been hooked ever since printing my first “Hello World” in Python. Recently, I s
1 min readBuild A Search And Analytic Engine Linux FormatArticle
Build A Search And Analytic Engine
Mar 10, 2020
7 min readSherlock Linux FormatArticle
Sherlock
May 31, 2022
1 min readSysLinuxOS 11.3 Linux FormatArticle
SysLinuxOS 11.3
May 31, 2022
2 min readEveryone Can Code: Programming for the Future TechLife NewsArticle
Everyone Can Code: Programming for the Future
Dec 23, 2017
4 min readUse Home Assistant NodeRED devices Linux FormatArticle
Use Home Assistant NodeRED devices
May 31, 2022
NodeRED is an open source graphical programming environment that can be used to complete a large number of tasks. Graphical programming languages tend to be more intuitive than textual programming languages and can be easier to learn. Support is buil
5 min readCybersecurity Courses Ramp Up Amid Shortage Of Professionals TechLife NewsArticle
Cybersecurity Courses Ramp Up Amid Shortage Of Professionals
Jun 18, 2022
7 min readScan Your Network From The Inside PC Pro MagazineArticle
Scan Your Network From The Inside
Apr 10, 2022
2 min readIn Brief Linux FormatArticle
In Brief
Jun 1, 2021
Mu is a code editor for many forms of Python. We can write standard Python 3 code, create web apps and write code for microcontrollers such as the new Raspberry Pi Pico. Mu is designed for new users and does away with complicated IDEs in favour of a
1 min readDevs love Linux (but prefer Windows) Linux FormatArticle
Devs love Linux (but prefer Windows)
Sep 21, 2021
The latest Stackoverflow survey results are in (you can see them all at https://bit.ly/lxf281stackoverflow). Over 80,000 developers from 181 countries participated in the survey earlier this year. The findings reveal how they work, including the apps
1 min readDevelop TCP/IP Servers And Clients Linux FormatArticle
Develop TCP/IP Servers And Clients
Aug 23, 2022
RUST OUR EXPERT Get the code for this tutorial from the Linux Format archive: www. linuxformat. com/archives ?issue=293. You can learn more about Rust at www. rust-lang.org. This month we’ll learn how to develop TCP/IP servers and clients in Rust
10 min readHacker’s Manual Linux FormatArticle
Hacker’s Manual
Nov 17, 2020
1 min readSaving and Executing Your Code Essential Apple User MagazineArticle
Saving and Executing Your Code
Jul 31, 2019
2 min readBuild An Embedded Temperature Sensor Linux FormatArticle
Build An Embedded Temperature Sensor
Jan 11, 2022
While reviewing the Pimoroni Display HAT Mini (see page 43) we created a quick project to demonstrate how easy this screen is to work with, and how useful the QW/ST connector is. The project uses an AHT20 temperature sensor to collect data, which is
3 min readInform And Enhance Your Business With Open Data PC Pro MagazineArticle
Inform And Enhance Your Business With Open Data
Jun 10, 2021
7 min readWhy We Need To Fear The Risk Of AI Model Collapse Evening StandardArticle
Why We Need To Fear The Risk Of AI Model Collapse
Dec 17, 2023
4 min read2 The Use of Python in AI and ML TechfastlyArticle
2 The Use of Python in AI and ML
Nov 30, 2020
3 min readWeb App Security Linux FormatArticle
Web App Security
Jun 29, 2021
8 min readHow AI Joins The Fight Against Coronavirus APCArticle
How AI Joins The Fight Against Coronavirus
Apr 20, 2020
4 min readContributing For Non - Coders Linux FormatArticle
Contributing For Non - Coders
Jan 10, 2023
9 min readPoisoning The Well Linux FormatArticle
Poisoning The Well
Jan 11, 2022
4 min readQ&A: OPENAI CTO MIRA MURATI ON SHEPHERDING CHATGPT TechLife NewsArticle
Q&A: OPENAI CTO MIRA MURATI ON SHEPHERDING CHATGPT
Apr 29, 2023
4 min readQ&A: OPENAI CTO MIRA MURATI ON SHEPHERDING CHATGPT AppleMagazineArticle
Q&A: OPENAI CTO MIRA MURATI ON SHEPHERDING CHATGPT
Apr 28, 2023
4 min readSecure Mobile Comms RECOIL OFFGRIDArticle
Secure Mobile Comms
Dec 6, 2022
9 min readPowering Costing With Artificial Intelligence: The Case Of Vodafone Procurement The European Business ReviewArticle
Powering Costing With Artificial Intelligence: The Case Of Vodafone Procurement
May 25, 2021
8 min readChatGPT Changed Everything. Now Its Follow-Up Is Here. The AtlanticArticle
ChatGPT Changed Everything. Now Its Follow-Up Is Here.
Mar 14, 2023
6 min read
Reviews for Integrating Python with Leading Computer Forensics Platforms
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews
Book preview
Integrating Python with Leading Computer Forensics Platforms - Chet Hosmer
be.
Chapter 1
Integrating Python With Forensics Platforms
Abstract
This chapter introduces the key objectives of the book and identifies other resources for further study, along with basic Python fundamentals for those new to the language. We also define the specific forensic platforms that will be the basis for the integration methods. We must answer the critical question of what options for integration exist and how might they be useful to forensics? Finally, we answer how do the resulting scripts and integrations benefit from using Python?
Keywords
Python; Forensics; Encase; Guidance Software; MPE +; Access Data; Paraben P2 Commander; WetStone; US-LATT; Autopsy; Brian Carrier; Open source; Preprocessing; Postprocessing; Application programming interface; Hard problems; Encryption; Steganography; Rainbow tables; Geo-location; eXtensible Markup Language; Comma-separated value
Introduction
The Python programming language and environment has proven to be easy to learn and use, and is adaptable to virtually any domain or challenge problem. Companies such as Google, Dropbox, Disney, Industrial Light and Magic, and YouTube just to mention a handful are using Python within their operations. Additionally, organizations such as NASA's Jet Propulsion Lab, the National Weather Service, the Swedish Meteorological and Hydrological Institute (SMHI), and Lawrence Livermore National Laboratory rely on Python to build models, make predictions, run experiments, and control critical operational systems.
When integrating Python with computer forensic platforms, several areas can benefit:
(1) Automation of current manual processes
(2) Rapid prototyping of new examination methods
(3) Access to a rich library of packages that can accelerate the development of new approaches
(4) Enhanced performance by leveraging multiprocessing, set theory, dictionaries, and other advanced methods that are ideally suited to enhance forensic examination
For those new to Python, the best place to start is at the Python Software Foundation (PSF), website at www.python.org as depicted in Fig.
Enjoying the preview?
Page 1 of 1