Integrating Python with Leading Computer Forensics Platforms

Book Description

Integrating Python with Leading Computer Forensic Platforms takes a definitive look at how and why the integration of Python advances the field of digital forensics. In addition, the book includes practical, never seen Python examples that can be immediately put to use. Noted author Chet Hosmer demonstrates how to extend four key Forensic Platforms using Python, including EnCase by Guidance Software, MPE+ by Access Data, The Open Source Autopsy/SleuthKit by Brian Carrier and WetStone Technologies, and Live Acquisition and Triage Tool US-LATT. This book is for practitioners, forensic investigators, educators, students, private investigators, or anyone advancing digital forensics for investigating cybercrime.

Additionally, the open source availability of the examples allows for sharing and growth within the industry. This book is the first to provide details on how to directly integrate Python into key forensic platforms.

• Provides hands-on tools, code samples, detailed instruction, and documentation that can be immediately put to use
• Shows how to integrate Python with popular digital forensic platforms, including EnCase, MPE+, The Open Source Autopsy/SleuthKit, and US-LATT
• Presents complete coverage of how to use Open Source Python scripts to extend and modify popular digital forensic Platforms

Table of Contents

Chapter 1: Integrating Python With Forensics Platforms
Chapter 2: Key Python Language Elements for Forensics
Chapter 3: Integrating Python With MPE+
Chapter 4: Integrating Python With EnCase/EnScripts
Chapter 5: Integrating Python With Leading Forensic Platforms
Chapter 6: Integrating Python With Leading Forensic Platforms
Chapter 7: Future Look and an Integration Challenge Problem

中文：

书名：将Python与领先的计算机取证平台集成

将Python与领先的计算机取证平台集成 明确地介绍了如何以及为什么集成Python推动了数字取证领域的发展。此外，这本书还包括一些实用的、从未见过的、可以立即投入使用的Python示例。著名作者Chet Hosmer演示了如何使用Python扩展四个关键的法医平台，包括Enase by Guidance Software、MPE+by Access Data、Brian Carrier和Wetstone Technologies的开源尸检/SleuthKit，以及Live Acquisition和分诊工具US-Latt。本书面向从业者、法医调查员、教育工作者、学生、私家侦探或任何推进数字取证以调查网络犯罪的人。

此外，示例的开源可获得性允许在行业内共享和增长。这本书是第一本提供如何将Python直接集成到关键取证平台的详细信息。

• 提供可立即投入使用的动手工具、代码示例、详细说明和文档
• 演示如何将Python与流行的数字取证平台集成，包括Enase、MPE+、开放源代码的autopsy/SleuthKit和US-Latt
• 完整介绍如何使用开源Python脚本来扩展和修改流行的数字取证平台

目录表

第1章：将Python与Forensics平台集成
Chapter 2: Key Python Language Elements for Forensics
第3章：将Python与MPE+集成
第4章：将Python与Enase/EnScript集成
第5章：将Python与领先的取证平台集成
第6章：将Python与领先的取证平台集成
第七章：未来展望和整合挑战问题