Hey look! Now there is a book on FTK.

FTK http://amzn.to/O38eWh

I previously posted that a book on FTK is sure to come along, since we have the best book of X-Ways and the other book on Encase.  Now comes a book on FTK.  Just like the XWF Guide or the upcoming Encase guide, I wouldn't see any reason for a FTK user to not have a book on FTK.

It makes sense to have "the" book on X-Ways, "the" book on Encase, and "the" book on FTK.  By having books on your major forensic suites, it is easier to compare what suite "A" does compared to tools "B" and "C" as well as how to get from point A to B using each tool.

So....how about that book on ProDiscover?  Anyone?  Grab the opportunity before someone else does.  I promise to buy it, as I have already ordered the FTK and Encase books.

I have brief reviews on my favorite DF books at http://winfe.wordpress.com/books/



[caption id="attachment_547" align="aligncenter" width="170"]FTK http://amzn.to/O38eWh

[caption id="attachment_549" align="aligncenter" width="169"]encase http://amzn.to/P9XxCl

[caption id="attachment_347" align="aligncenter" width="173"]Xways-Cover http://amzn.to/1gfx0t5
Rate this blog entry:
841 Hits

Not X-Ways, but of interest to Encase users

Computer Forensics and Digital Investigation with EnCase Forensic

encase http://amzn.to/1eY02wn


I know, this has nothing to do with X-Ways Forensics.  But hey, the X-Ways Practitioner's Guide was first...

Practically, this seems like a good book for Encase users to park on the shelf (while the X-Ways Practitioner's Guide sits on your desk next to your keyboard).

So, when is that book on "FTK" coming out....and who is going to write it?...And if you do want to write it, give Syngress a shout.

Rate this blog entry:
899 Hits


I'm duplicating this post from another blog because this will probably be the coolest book to come out this year in digital forensics and is a must-have.  The short version as to why the book is a must-have is "duh, it's Harlan's latest book...and Windows 8..."

I'll wait to give an "official" review of Harlan's book (Windows Forensic Analysis Toolkit, Fourth Edition: Advanced Analysis Techniques for Windows 8) only to give others the chance to read it once it becomes available.  But...I'll say that based on my early reading as a tech editor, this is a book that ranks for me in as much anticipation as a new Tom Clancy novel being released.

fourth editionI also think this is one of those books that if not pre-ordered, will have you waiting until it is reprinted due to being over-ordered.  The X-Ways Practitioner's Guide was one of those books too, where late-comers had to wait weeks for the second printing.  This book is no different, because just about all of the neat things in the book show just how much Harlan has discovered in some very neat areas of Windows 8.

One thing I learned about ordering books from Amazon, is that Amazon will pretty much match the lowest price found elsewhere.  I also learned that with a pre-ordered book, you can cancel before the book is printed if you find a lower price somewhere else.  The point is, pre-order the book or you may be waiting a month after everyone else gets their copy...it comes out in April '14 and I'd expect the second printing to be needed in April '14...
Rate this blog entry:
753 Hits

Cloud Storage Forensics

Image http://www.amazon.com

I have a detailed review of this book at http://winfe.wordpress.com.  In short, it's a really good book and of all tools to choose for the research in the book, the authors picked X-Ways Forensics.  But then, that should not come as any surprise.

There's still time to ask Santa to put this in your stocking...

Rate this blog entry:
832 Hits

Another discount on the XWF Guide at $37.96

Xways-Cover Click to order from Amazon (lowest price available for now)

Amazon reduced the price.  Grab it before it goes up (again).

Regarding companion materials to go along with the book, please comment on the blog, or send an email, with suggestions you would like to see.  So far, there will be one image that will be used to use with examples in the book.  As far as a demo of XWF...that's probably not going to happen...

You can tell that X-Ways Forensics has made it into the market when so many DFIR job requirements list X-Ways Forensics as one of the 'big 3' tools to know to apply.

For those that are tinkering with writing X-Tensions, the documentation at the x-ways.net site was just updated on Sept 27.  Don't forget to send your x-tension to X-Ways to share with all of us, just like Mom told you when you were little.

It's also becoming more common to see statements like these: "The only tool I've currently tested that parses the user name is X-Ways Forensics, so it may be necessary to manually parse this record if you don't have a tool that will do it for you." - https://rstforums.com/forum/75954-ms-excel-biff-metadata-last-opened.rst

Rate this blog entry:
884 Hits

XWF Guide as #2 best seller (in Forensic Science) on Amazon

We've gotten quite a bit of personal email feedback on the XWF Guide, and in one category at Amazon (Forensic Science), the XWF Guide ranks at #2.

There's been only one Amazon review, so let us know if you found the book helpful with a review on Amazon.  We will be very grateful for nice :) words, but we'll take any criticisms as well :(no 2

Rate this blog entry:
687 Hits

Another short-run sale

Elsevier - Snygress has another sale, but this time it is 50% off.  You have only a few days to take advantage of it (I am...).  There is a limit of two books, so if you were looking for a second book to add, how about this one: http://store.elsevier.com/product.jsp?isbn=9781597499859&pagename=search


Rate this blog entry:
720 Hits

XWF Guide Review by Ken Pryor

Ken Pryor wrote a very in-depth review of the XWF Guide.   Ken has a very informative DF blog and we're glad to have been mentioned in such detail.  Thank you Ken for the nice review.

Check out Ken's review at:  http://digiforensics.blogspot.com/2013/09/book-review-x-ways-forensics.html

And of course, here is a direct link to order the XWF Guide...

Xways-CoverFrom Amazon

Rate this blog entry:
696 Hits

Want a free and signed copy of the XWF Guide? It's yours!


That's right, a free signed copy of the XWF Guide is yours, but only IF you can win the contest.


On a related note, check out Eric's interview on his ongoing imaging tests on YouTube.

And the winner is....


Rate this blog entry:
702 Hits

Positive Feedback

So far, we've had a lot of positive feedback on the XWF Guide, so much so, that the second edition (should that happen) will have a few added things.  Like...a companion CD with sample data and slidedecks for classroom use.

However, before a second edition is started, this edition has to first be outdated by updates in XWF.

The bad news on a second edition is that we wrote the book to cover XWF for some time to come even with the expected updates that occur every month or so. That means a second edition isn't likely until we see a major change in XWF.

The good news on a second edition is that we wrote the book to cover XWF for some time to come even with the expected updates that occur every month or so.  That means this book will last you well into your expertise is solid with XWF.

For the college and university profs and instructors, we'd be glad to help review your slidedecks if you will be using the book in your course.  Potentially, we may be able to create a set of slidedecks (with help from those teaching) to make available to any schools using XWF).

[caption id="attachment_343" align="aligncenter" width="528"]XWF Do you teach XWF in your college class? We'd be happy to help your slidedecks with reviews and suggestions if you need.
Rate this blog entry:
770 Hits