Skip to main content

Windows Forensic Analysis Toolkit

In Order to Read Online or Download Windows Forensic Analysis Toolkit Full eBooks in PDF, EPUB, Tuebl and Mobi you need to create a Free account. Get any books you like and read everywhere you want. Fast Download Speed ~ Commercial & Ad Free. We cannot guarantee that every book is in the library!

Windows Forensic Analysis Toolkit

Windows Forensic Analysis Toolkit Book
Author : Harlan Carvey
Publisher : Syngress Press
Release : 2014-03-27
ISBN : 9780124171572
Language : En, Es, Fr & De

GET BOOK

Book Description :

"When I sat down to update the material for this edition, I wanted to not only include new information that I'd found or developed since the third edition was published, but I also wanted to try to include as much information as possible regarding Windows 8 and 8.1. With Windows 8.1 becoming available while I was updating the book, the inevitable questions were being asked, and invariably it won't be long before we start seeing the systems appear on analyst's workbenches. As such, I've tried to provide as much information as I could with respect to newer versions of Windows (i.e., 8 and 8.1), either by writing it directly into the book or linking to the sources of information on the Internet, when attempting to summarize it would simply not do the content justice. Keep in mind, however, that new information is being discovered and developed all the time, and at some point, I needed to stop writing and submit the book for final review and publishing. I'm sure that even more information will become available during the time between when the book goes to the printer, and when it actually comes out on the shelves at bookstores"--

Windows Forensic Analysis DVD Toolkit

Windows Forensic Analysis DVD Toolkit Book
Author : Harlan Carvey
Publisher : Syngress
Release : 2018-04-22
ISBN : 9780080957036
Language : En, Es, Fr & De

GET BOOK

Book Description :

Windows Forensic Analysis DVD Toolkit, 2nd Edition, is a completely updated and expanded version of Harlan Carvey's best-selling forensics book on incident response and investigating cybercrime on Windows systems. With this book, you will learn how to analyze data during live and post-mortem investigations. New to this edition is Forensic Analysis on a Budget, which collects freely available tools that are essential for small labs, state (or below) law enforcement, and educational organizations. The book also includes new pedagogical elements, Lessons from the Field, Case Studies, and War Stories that present real-life experiences by an expert in the trenches, making the material real and showing the why behind the how. The companion DVD contains significant, and unique, materials (movies, spreadsheet, code, etc.) not available anyplace else because they were created by the author. This book will appeal to digital forensic investigators, IT security professionals, engineers, and system administrators as well as students and consultants. Best-Selling Windows Digital Forensic book completely updated in this 2nd Edition Learn how to Analyze Data During Live and Post-Mortem Investigations DVD Includes Custom Tools, Updated Code, Movies, and Spreadsheets!

Windows Forensic Analysis Toolkit

Windows Forensic Analysis Toolkit Book
Author : Harlan Carvey
Publisher : Elsevier
Release : 2012-01-27
ISBN : 1597497282
Language : En, Es, Fr & De

GET BOOK

Book Description :

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems. Timely 3e of a Syngress digital forensic bestseller Updated to cover Windows 7 systems, the newest Windows version New online companion website houses checklists, cheat sheets, free tools, and demos

Windows Forensic Analysis Toolkit 4th Edition

Windows Forensic Analysis Toolkit  4th Edition Book
Author : Harlan Carvey
Publisher : Unknown
Release : 2014
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

Harlan Carvey has updated Windows Forensic Analysis Toolkit, now in its fourth edition, to cover Windows 8 systems. The primary focus of this edition is on analyzing Windows 8 systems and processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. Harlan Carvey presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. The companion and toolkit materials are hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, Second Edition, which focuses primarily on XP, and Windows Forensic Analysis Toolkit, Third Edition, which focuses primarily on Windows 7. This new fourth edition provides expanded coverage of many topics beyond Windows 8 as well, including new cradle-to-grave case examples, USB device analysis, hacking and intrusion cases, and "how would I do this" from Harlan's personal case files and questions he has received from readers. The fourth edition also includes an all-new chapter on reporting. Complete coverage and examples of Windows 8 systems Contains lessons from the field, case studies, and war stories Companion online toolkit material, including electronic printable checklists, cheat sheets, custom tools, and walk-throughs.

Windows Forensic Analysis Toolkit

Windows Forensic Analysis Toolkit Book
Author : Harlan A. Carvey
Publisher : Unknown
Release : 2007
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

Download Windows Forensic Analysis Toolkit book written by Harlan A. Carvey, available in PDF, EPUB, and Kindle, or read full book online anywhere and anytime. Compatible with any devices.

Windows Forensic Analysis Toolkit 3rd Edition

Windows Forensic Analysis Toolkit  3rd Edition Book
Author : Harlan Carvey
Publisher : Unknown
Release : 2012
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems. Timely 3e of a Syngress digital forensic bestseller Updated to cover Windows 7 systems, the newest Windows version New online companion website houses checklists, cheat sheets, free tools, and demos.

Windows Forensic Analysis DVD Toolkit 2nd Ed

Windows Forensic Analysis DVD Toolkit   2nd Ed Book
Author : Harlan Carvey
Publisher : Unknown
Release : 2009
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

Download Windows Forensic Analysis DVD Toolkit 2nd Ed book written by Harlan Carvey, available in PDF, EPUB, and Kindle, or read full book online anywhere and anytime. Compatible with any devices.

Windows Forensic Analysis Toolkit

Windows Forensic Analysis Toolkit Book
Author : Harlan Carvey
Publisher : Elsevier
Release : 2014-03-11
ISBN : 0124171745
Language : En, Es, Fr & De

GET BOOK

Book Description :

Harlan Carvey has updated Windows Forensic Analysis Toolkit, now in its fourth edition, to cover Windows 8 systems. The primary focus of this edition is on analyzing Windows 8 systems and processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. Harlan Carvey presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. The companion and toolkit materials are hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, Second Edition, which focuses primarily on XP, and Windows Forensic Analysis Toolkit, Third Edition, which focuses primarily on Windows 7. This new fourth edition provides expanded coverage of many topics beyond Windows 8 as well, including new cradle-to-grave case examples, USB device analysis, hacking and intrusion cases, and "how would I do this" from Harlan's personal case files and questions he has received from readers. The fourth edition also includes an all-new chapter on reporting. Complete coverage and examples of Windows 8 systems Contains lessons from the field, case studies, and war stories Companion online toolkit material, including electronic printable checklists, cheat sheets, custom tools, and walk-throughs

Windows Forensic Analysis Toolkit

Windows Forensic Analysis Toolkit Book
Author : Harlan A. Carvey
Publisher : Elsevier
Release : 2012
ISBN : 1597497274
Language : En, Es, Fr & De

GET BOOK

Book Description :

Now in its third edition, Harlan Carvey has updated Windows Forensic Analysis Toolkit to cover Windows 7 systems. The primary focus of this edition is on analyzing Windows 7 systems and on processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. New to this edition, the companion and toolkit materials are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, 2nd Ed. (ISBN: 9781597494229), which focuses primarily on XP. Complete coverage and examples on Windows 7 systems Contains Lessons from the Field, Case Studies, and War Stories Companion online material, including electronic printable checklists, cheat sheets, free custom tools, and walk-through demos

Windows Forensic Analysis DVD Toolkit 2nd Edition

Windows Forensic Analysis DVD Toolkit  2nd Edition Book
Author : Harlan Carvey
Publisher : Unknown
Release : 2018
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

Windows Forensic Analysis DVD Toolkit, 2nd Edition, is a completely updated and expanded version of Harlan Carvey's best-selling forensics book on incident response and investigating cybercrime on Windows systems. With this book, you will learn how to analyze data during live and post-mortem investigations. New to this edition is Forensic Analysis on a Budget, which collects freely available tools that are essential for small labs, state (or below) law enforcement, and educational organizations. The book also includes new pedagogical elements, Lessons from the Field, Case Studies, and War Stories that present real-life experiences by an expert in the trenches, making the material real and showing the why behind the how. The companion DVD contains significant, and unique, materials (movies, spreadsheet, code, etc.) not available anyplace else because they were created by the author. This book will appeal to digital forensic investigators, IT security professionals, engineers, and system administrators as well as students and consultants. Best-Selling Windows Digital Forensic book completely updated in this 2nd Edition Learn how to Analyze Data During Live and Post-Mortem Investigations DVD Includes Custom Tools, Updated Code, Movies, and Spreadsheets!

UNIX and Linux Forensic Analysis DVD Toolkit

UNIX and Linux Forensic Analysis DVD Toolkit Book
Author : Chris Pogue,Cory Altheide,Todd Haverkos
Publisher : Syngress
Release : 2008-07-24
ISBN : 9780080879123
Language : En, Es, Fr & De

GET BOOK

Book Description :

This book addresses topics in the area of forensic analysis of systems running on variants of the UNIX operating system, which is the choice of hackers for their attack platforms. According to a 2007 IDC report, UNIX servers account for the second-largest segment of spending (behind Windows) in the worldwide server market with $4.2 billion in 2Q07, representing 31.7% of corporate server spending. UNIX systems have not been analyzed to any significant depth largely due to a lack of understanding on the part of the investigator, an understanding and knowledge base that has been achieved by the attacker. The book begins with a chapter to describe why and how the book was written, and for whom, and then immediately begins addressing the issues of live response (volatile) data collection and analysis. The book continues by addressing issues of collecting and analyzing the contents of physical memory (i.e., RAM). The following chapters address /proc analysis, revealing the wealth of significant evidence, and analysis of files created by or on UNIX systems. Then the book addresses the underground world of UNIX hacking and reveals methods and techniques used by hackers, malware coders, and anti-forensic developers. The book then illustrates to the investigator how to analyze these files and extract the information they need to perform a comprehensive forensic analysis. The final chapter includes a detailed discussion of loadable kernel Modules and malware. Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else. This book contains information about UNIX forensic analysis that is not available anywhere else. Much of the information is a result of the author's own unique research and work. The authors have the combined experience of law enforcement, military, and corporate forensics. This unique perspective makes this book attractive to all forensic investigators.

Recent Trends in Computer Networks and Distributed Systems Security

Recent Trends in Computer Networks and Distributed Systems Security Book
Author : Sabu M. Thampi,Albert Y. Zomaya,Thorsten Strufe,Jose M. Alcaraz-Calero,Tony Thomas
Publisher : Springer
Release : 2012-09-10
ISBN : 3642341357
Language : En, Es, Fr & De

GET BOOK

Book Description :

This book constitutes the refereed proceedings of the International Conference on Recent Trends in Computer Networks and Distributed Systems Security, held in Trivandrum, India, in October 2012. The 34 revised full papers and 8 poster presentations were carefully reviewed and selected from 112 submissions. The papers cover various topics in Computer Networks and Distributed Systems.

Windows Forensics and Incident Recovery

Windows Forensics and Incident Recovery Book
Author : Harlan A. Carvey
Publisher : Addison-Wesley Professional
Release : 2004
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

The first book completely devoted to this important part of security in a Windows environment.

Mac OS X iPod and iPhone Forensic Analysis DVD Toolkit

Mac OS X  iPod  and iPhone Forensic Analysis DVD Toolkit Book
Author : Jesse Varsalone
Publisher : Syngress
Release : 2008-12-16
ISBN : 9780080949185
Language : En, Es, Fr & De

GET BOOK

Book Description :

This book provides digital forensic investigators, security professionals, and law enforcement with all of the information, tools, and utilities required to conduct forensic investigations of computers running any variant of the Macintosh OS X operating system, as well as the almost ubiquitous iPod and iPhone. Digital forensic investigators and security professionals subsequently can use data gathered from these devices to aid in the prosecution of criminal cases, litigate civil cases, audit adherence to federal regulatory compliance issues, and identify breech of corporate and government usage policies on networks. MAC Disks, Partitioning, and HFS+ File System Manage multiple partitions on a disk, and understand how the operating system stores data. FileVault and Time Machine Decrypt locked FileVault files and restore files backed up with Leopard's Time Machine. Recovering Browser History Uncover traces of Web-surfing activity in Safari with Web cache and .plist files Recovering Email Artifacts, iChat, and Other Chat Logs Expose communications data in iChat, Address Book, Apple's Mail, MobileMe, and Web-based email. Locating and Recovering Photos Use iPhoto, Spotlight, and shadow files to find artifacts pof photos (e.g., thumbnails) when the originals no longer exist. Finding and Recovering QuickTime Movies and Other Video Understand video file formats--created with iSight, iMovie, or another application--and how to find them. PDF, Word, and Other Document Recovery Recover text documents and metadata with Microsoft Office, OpenOffice, Entourage, Adobe PDF, or other formats. Forensic Acquisition and Analysis of an iPod Documentseizure of an iPod model and analyze the iPod image file and artifacts on a Mac. Forensic Acquisition and Analysis of an iPhone Acquire a physical image of an iPhone or iPod Touch and safely analyze without jailbreaking. Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics

Windows Forensics

Windows Forensics Book
Author : Chad Steel
Publisher : John Wiley & Sons
Release : 2007-08-20
ISBN : 0470255145
Language : En, Es, Fr & De

GET BOOK

Book Description :

The evidence is in--to solve Windows crime, you need Windows tools An arcane pursuit a decade ago, forensic science today is a household term. And while the computer forensic analyst may not lead as exciting a life as TV's CSIs do, he or she relies just as heavily on scientific principles and just as surely solves crime. Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals. * Identify evidence of fraud, electronic theft, and employee Internet abuse * Investigate crime related to instant messaging, Lotus Notes(r), and increasingly popular browsers such as Firefox(r) * Learn what it takes to become a computer forensics analyst * Take advantage of sample forms and layouts as well as case studies * Protect the integrity of evidence * Compile a forensic response toolkit * Assess and analyze damage from computer crime and process the crime scene * Develop a structure for effectively conducting investigations * Discover how to locate evidence in the Windows Registry

Malware Forensics Field Guide for Windows Systems

Malware Forensics Field Guide for Windows Systems Book
Author : Cameron H. Malin,Eoghan Casey,James M. Aquilina
Publisher : Elsevier
Release : 2012-05-11
ISBN : 1597494739
Language : En, Es, Fr & De

GET BOOK

Book Description :

Malware Forensics Field Guide for Windows Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Windows-based systems, the largest running OS in the world. The authors are world-renowned leaders in investigating and analyzing malicious code. Chapters cover malware incident response - volatile data collection and examination on a live Windows system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Windows systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Windows system; and analysis of a suspect program. This field guide is intended for computer forensic investigators, analysts, and specialists. A condensed hand-held guide complete with on-the-job tasks and checklists Specific for Windows-based systems, the largest running OS in the world Authors are world-renowned leaders in investigating and analyzing malicious code

Virtualization and Forensics

Virtualization and Forensics Book
Author : Diane Barrett,Greg Kipper
Publisher : Syngress
Release : 2010-08-06
ISBN : 9781597495585
Language : En, Es, Fr & De

GET BOOK

Book Description :

Virtualization and Forensics: A Digital Forensic Investigators Guide to Virtual Environments offers an in-depth view into the world of virtualized environments and the implications they have on forensic investigations. Named a 2011 Best Digital Forensics Book by InfoSec Reviews, this guide gives you the end-to-end knowledge needed to identify server, desktop, and portable virtual environments, including: VMware, Parallels, Microsoft, and Sun. It covers technological advances in virtualization tools, methods, and issues in digital forensic investigations, and explores trends and emerging technologies surrounding virtualization technology. This book consists of three parts. Part I explains the process of virtualization and the different types of virtualized environments. Part II details how virtualization interacts with the basic forensic process, describing the methods used to find virtualization artifacts in dead and live environments as well as identifying the virtual activities that affect the examination process. Part III addresses advanced virtualization issues, such as the challenges of virtualized environments, cloud computing, and the future of virtualization. This book will be a valuable resource for forensic investigators (corporate and law enforcement) and incident response professionals. Named a 2011 Best Digital Forensics Book by InfoSec Reviews Gives you the end-to-end knowledge needed to identify server, desktop, and portable virtual environments, including: VMware, Parallels, Microsoft, and Sun Covers technological advances in virtualization tools, methods, and issues in digital forensic investigations Explores trends and emerging technologies surrounding virtualization technology

The Computer Forensics Library Boxed Set

The Computer Forensics Library Boxed Set Book
Author : Keith J. Jones,Richard Bejtlich,Curtis W. Rose,Dan Farmer,Wietse Venema,Brian Carrier
Publisher : Addison-Wesley
Release : 2007-07-27
ISBN : 9780321533883
Language : En, Es, Fr & De

GET BOOK

Book Description :

Praise for Forensic Discovery Farmer and Venema do for digital archaeology what Indiana Jones did for historical archaeology. Forensic Discovery unearths hidden treasures in enlightening and entertaining ways, showing how a time-centric approach to computer forensics reveals even the cleverest intruder. I highly recommend reading this book. --Richard Bejtlich, TaoSecurity Praise for Real Digital Forensics Real Digital Forensics is as practical as a printed book can be. In a very methodical fashion, the authors cover live response (Unix, Windows), network-based forensics following the NSM model (Unix, Windows), forensics duplication, common forensics analysis techniques (such as file recovery and Internet history review), hostile binary analysis (Unix, Windows), creating a forensics toolkit and PDA, flash and USB drive forensics. The book is both comprehensive and in-depth; following the text and trying the investigations using the enclosed DVD definitely presents an effective way to learn forensic techniques.--Anton Chuvakin, LogLogic Praise for File System Forensic Analysis Carrier has achieved what few technical authors do, namely a clear explanation of highly technical topics that retains a level of detail making it valuable for the long term. For anyone looking seriously at electronic forensics, this is a must have. File System Forensic Analysis is a great technical resource. --Jose Nazario, Arbor Networks The Computer Forensics Library With the ever-increasing number of computer-related crimes, more and more professionals find themselves needing to conduct a forensics examination. But where to start? What if you don't have the time or resources to take a lengthy training course? We've assembled the works of today's leading forensics experts to help you dive into forensics, give you perspective on the big picture of forensic investigations, and arm you to handle the nitty-gritty technicalities of the toughest cases out there. Forensic Discovery, the definitive guide, presents a thorough introduction to the field of computer forensics. Authors Dan Farmer and Wietse Venema cover everything from file systems to memory andkernel hacks and malware.They expose many myths about forensics that can stand in the way of success. This succinct book will get you started with the realities of forensics. Real Digital Forensics allows you to dive right in to an investigation and learn by doing. Authors Keith J. Jones, Richard Bejtlich, and Curtis W. Rose walk you through six detailed, highly realistic investigations and provide a DVD with all the data you need to follow along and practice. Once you understand the big picture of computer forensics, this book will show you what a Unix or Windows investigation really looks like. File System Forensic Analysis completes the set and provides the information you need to investigate a computer's file system. Most digital evidence is stored within the computer's file system, so many investigations will inevitably lead there. But understanding how the file system works is one of the most technically challenging concepts for digital investigators. With this book, expert Brian Carrier closes out the set by providing details about file system analysis available nowhere else.

Unix and Linux Forensic Analysis DVD Toolkit

Unix and Linux Forensic Analysis DVD Toolkit Book
Author : Chris Pogue,Cory Altheide,Todd Haverkos
Publisher : Syngress
Release : 2008
ISBN : 9781597492690
Language : En, Es, Fr & De

GET BOOK

Book Description :

The book begins with an introduction to Linux and UNIX written with experienced Windows forensic analysts in mind. Next, the book covers the issues of live response, (volatile) data collection and analysis, analyzing the contents of physical memory, /proc analysis, malware coders, anti-forensic developers. Investigators will learn to compile all of this information to perform a comprehensive forensic analysis. The authors draw on familiar aspects of Windows to explain how UNIX and UNIX-like systems such as Linux operate similarly and where *nix systems differ significantly. Throughout the book the author provides a wealth of unique information, providing tools, techniques and information that won't be found anywhere else.

Computer Forensics

Computer Forensics Book
Author : Linda Volonino,Reynaldo Anzaldua,Jana Godwin
Publisher : Prentice Hall
Release : 2007
ISBN : 0987650XXX
Language : En, Es, Fr & De

GET BOOK

Book Description :

For introductory and intermediate courses in computer forensics, digital investigations, or computer crime investigation By applying information systems, computer security, and criminal justice principles and practices to crime investigations and other legal actions, this text teaches students how to use forensically-sound methodologies and software to acquire admissible electronic evidence (e-evidence) with coverage of computer and email forensics, cell phone and IM forensics, and PDA and Blackberry forensics.