O'Reilly logo

Digital Forensics with Open Source Tools by Harlan Carvey, Cory Altheide

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8

File Analysis

Information in this Chapter

File Analysis Concepts

To perform a comprehensive examination, we must understand the nature of the files we identify and extract. By understanding these files, we can more successfully uncover and exploit any higher order forensic artifacts that may be present within the files. This builds upon and complements the system and application analysis performed in previous chapters.

The analysis of individual files will be of key importance in many different examinations. A malicious document may be the initial entry point in a system compromise investigation. The validity of a critical document may be in question. The examiner ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required