January 19, 2011

My book is more or less "done"

I've been quiet for a while, mostly because I've been spending the bulk of my "free" time working on a new book with Harlan Carvey: Digital Forensics With Open Source Tools (or, DFWOST for short). It is currently due to be released May 15, 2011.

In the book, we discuss operational aspects of using open source tools to perform an end-to-end forensic investigation, starting from basic file system analysis using the various tools of The Sleuth Kit, to analysis of artifacts of interest found within complex carrier files like ZIP archives and Microsoft Office Documents, to the installation and use of modern forensic apps like the Digital Forensics Framework. We approach this from a purely operational perspective. Each chapter should be full of things that you can implement and use right away. Taken together, you should hopefully be able to perform a complete investigation with open source tools.

I'll be using this site to continue discussing the topics I brought up in the book, and to discuss further additional topics that I wasn't able to get to. I'm also happy to field any questions anyone has about the book here as well. To that end, I've created a Google Group for discussion of the book or any topics related to the book. I hope the book is a useful resource for the forensics community.
  • Stumble This
  • Fav This With Technorati
  • Add To Del.icio.us
  • Digg This
  • Add To Facebook
  • Add To Yahoo

2 comments:

CONTRA-TORPEDEIRO said...

Hello, Cory

Thank you for your work. I bought your wonderful book, which will be very useful for my master's thesis. I would like to exchange views with you on Certain passages of the book practices. Is there any forum for that purpose? Best regards,

M. Delgado

Cory said...

Hello M. Delgado -

I set up a Google group for this purpose but I haven't done a good job of publicizing it:

http://groups.google.com/group/dfwost

Any questions, comments, or concerns can be posted there.

I'll put up a post this week to that effect.

Post a Comment