
Operating System Forensics by Ric Messier


Chapter 9

Executable Programs

Abstract

This chapter investigates the structure of programs and executables in order to understand where information resides in memory, how programs run, and how malware can be created.

Keywords

operating systems
forensics
operating environments

INFORMATION INCLUDED IN THIS CHAPTER:

Windows Portable Executable
Linux Executable and Linkable Format
Mac OS X Application Bundles
.NET Common Language Runtime
Debugging/Disassembly
System Calls and Tracing

Introduction

At the core of any computer system are the programs that run on it. It might normally go without saying, but I am going to say it anyway. Those programs are what make computers useful but, more importantly, provide us with artifacts, which make sure that forensic ...
