The good people at Syngress, with the help of Harlan Carvey and Jeremiah Grossman, have sent me too new books to review. I can’t wait to tear into both of these titles!
Windows Forensic Analysis Including DVD Toolkit
From Syngress:
One thing that many computer forensic examiners have noticed is an over reliance by investigators on what forensic analysis tools are telling them, without really understanding where this information is coming from or how it is being created or derived.
The age of “Nintendo forensics” (i.e., loading an acquired image into a forensic analysis application and pushing a button) is over. As analysts and examiners, we can no longer expect to investigate a case in such a manner. Cybercrime has increased in sophistication, and investigators need to understand what artifacts are available on a system, as well as how those artifacts are created and modified. With this level of knowledge, we come to understand that the absence of an artifact is itself an artifact. In addition, more and more presentations and material are available regarding anti-forensics, or techniques used to make forensic analysis more difficult. Moreover, there have been presentations at major conferences that discuss the anti-forensic technique of using the forensic analysts’ training and tools against them.
This book is intended to address the need for a more detailed, granular level of understanding. It attempts not only to demonstrate what information is available to the investigator on both a live Windows system and in an acquired image but also to provide information on how to locate additional artifacts that may be of interest.
Cross Site Scripting Attacks: Xss Exploits and Defense
From Syngress:
Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.