Python Forensics

Book Description

Python Forensics provides many never-before-published proven forensic modules, libraries, and solutions that can be used right out of the box. In addition, detailed instruction and documentation provided with the code samples will allow even novice Python programmers to add their own unique twists or use the models presented to build new solutions.

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Acknowledgments
  7. Endorsements
  8. List of figures
  9. About the Author
  10. About the Technical Editor
  11. Foreword
  12. Preface
    1. Intended audience
    2. Prerequisites
    3. Reading this book
    4. Supported platforms
    5. Download software
    6. Comments, questions, and contributions
  13. Chapter 1: Why Python Forensics?
    1. Abstract
    2. Introduction
    3. Cybercrime investigation challenges
    4. How can the Python programming environment help meet these challenges?
    5. Python and the Daubert evidence standard
    6. Organization of the book
    7. Chapter review
    8. Summary questions
  14. Chapter 2: Setting up a Python Forensics Environment
    1. Abstract
    2. Introduction
    3. Setting up a python forensics environment
    4. The right environment
    5. Choosing a python version
    6. Installing python on windows
    7. Python packages and modules
    8. What is included in the standard library?
    9. Third-party packages and modules
    10. Integrated development environments
    11. Python on mobile devices
    12. A virtual machine
    13. Chapter review
    14. Summary questions
    15. Looking ahead
  15. Chapter 3: Our First Python Forensics App
    1. Abstract
    2. Introduction
    3. Naming conventions and other considerations
    4. Our first application “one-way file system hashing”
    5. Code walk-through
    6. Results presentation
    7. Chapter review
    8. Summary questions
    9. Looking ahead
  16. Chapter 4: Forensic Searching and Indexing Using Python
    1. Abstract
    2. Introduction
    3. Keyword context search
    4. Code walk-through
    5. Results presentation
    6. Indexing
    7. Coding isWordProbable
    8. p-search complete code listings
    9. Chapter review
    10. Summary questions
  17. Chapter 5: Forensic Evidence Extraction (JPEG and TIFF)
    1. Abstract
    2. Introduction
    3. Code Walk-Through
    4. Chapter review
    5. Summary questions
  18. Chapter 6: Forensic Time
    1. Abstract
    2. Introduction
    3. Adding time to the equation
    4. The time module
    5. The Network Time Protocol
    6. Obtaining and installing the NTP Library ntplib
    7. World NTP Servers
    8. NTP Client Setup Script
    9. Chapter review
    10. Summary questions
  19. Chapter 7: Using Natural Language Tools in Forensics
    1. Abstract
    2. What is Natural Language Processing?
    3. Installing the Natural Language Toolkit and associated libraries
    4. Working with a corpus
    5. Experimenting with NLTK
    6. Creating a corpus from the Internet
    7. NLTKQuery application
    8. Chapter review
    9. Summary questions
  20. Chapter 8: Network Forensics: Part I
    1. Abstract
    2. Network investigation basics
    3. Captain Ramius: re-verify our range to target… one ping only
    4. Port scanning
    5. Chapter review
    6. Summary questions
  21. Chapter 9: Network Forensics: Part II
    1. Abstract
    2. Introduction
    3. Packet sniffing
    4. Raw sockets in Python
    5. Python Silent Network Mapping Tool (PSNMT)
    6. PSNMT source code
    7. Program execution and output
    8. Chapter review
    9. Summary question/challenge
  22. Chapter 10: Multiprocessing for Forensics
    1. Abstract
    2. Introduction
    3. What is multiprocessing?
    4. Python multiprocessing support
    5. Simplest multiprocessing example
    6. Multiprocessing File Hash
    7. Multiprocessing Hash Table generation
    8. Chapter review
    9. Summary question/challenge
  23. Chapter 11: Rainbow in the Cloud
    1. Abstract
    2. Introduction
    3. Putting the cloud to work
    4. Cloud options
    5. Creating rainbows in the cloud
    6. Password Generation Calculations
    7. Chapter review
    8. Summary question/challenge
  24. Chapter 12: Looking Ahead
    1. Abstract
    2. Introduction
    3. Where do we go from here?
    4. Conclusion
  25. Index