Contents

Preface

Acknowledgments

Chapter One: The Fundamentals of Data

Base 2 Numbering System: Binary and Character Encoding

Communication in a Two-State Universe

Electricity and Magnetism

Building Blocks: The Origins of Data

Growing the Building Blocks of Data

Moving Beyond Base 2

American Standard Code for Information Interchange

Character Codes: The Basis for Processing Textual Data

Extended ASCII and Unicode

Summary

Notes

Chapter Two: Binary to Decimal

American Standard Code for Information Interchange

Computer as a Calculator

Why is this Important in Forensics?

Data Representation

Converting Binary to Decimal

Conversion Analysis

A Forensic Case Example: An Application of the Math

Decimal to Binary: Recap for Review

Summary

Chapter Three: The Power of HEX: Finding Slivers of Data

What the HEX?

Bits and Bytes and Nibbles

Nibbles and Bits

Binary to HEX Conversion

Binary (HEX) Editor

The Needle within the Haystack

Summary

Notes

Chapter Four: Files

Opening

Files, File Structures, and File Formats

File Extensions

Changing a File’s Extension to Evade Detection

Files and the HEX Editor

File Signature

ASCII is not Text or HEX

Value of File Signatures

Complex Files: Compound, Compressed, and Encrypted Files

Why do Compound Files Exist?

Compressed Files

Forensics and Encrypted Files

The Structure of Ciphers

Summary

Notes

Appendix 4A: Common File Extensions

Appendix 4B: File Signature Database

Appendix 4C: Magic Number Definition

Appendix 4D: Compound Document Header

Chapter Five: The ...

Get Cyber Forensics: From Data to Digital Evidence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial