Category: purchase

X-Ways Forensics Install Manager

I cannot imagine anyone who uses XWF not having Eric Zimmerman‘s XWFIM.   Every time I use it, I wonder how I did without it.  XWFIM is available through the XWF support forum.  It’s free, but you need a license for XWF to get it.

Eric constantly adds little things to it, much like Stefan adds ‘little’ things to X-Ways Forensics.  One of the latest little additions is the selection box to “Include pre-release versions” which is pretty cool.

xwfim

 

And if you haven’t bought the XWF Guide yet and you use the XWFIM, just click the book’s graphic and you can have the guide on your Kindle in about 30 seconds.

xwfim2

Creating distributable test images

I’m in the process of creating working materials to go along with the XWF Guide in the form of exercises and test images.  I expect to be finished in 2014 or 2015 or …(it all depends on time available).  The materials will be freely available but will really only work best with the XWF Guide.  And yes, I know I can use images already available, like at http://digitalcorpora.org/corpora/disk-images, but these datasets will be made to demonstrate all the neat things detailed in the XWF Guide.wipe

One thing I’d like to point out regarding an issue with creating forensic images when giving images to students that contain data may violate the EULA if distributed. Files like commercial programs and operating systems.  Anyone that deals with this in training will be happy with how XWF can be used to address this problem.

With the “Cleansed Image” option of XWF, simply exclude/hide any and all files that would violate any privacy concerns or EULA violations before creating the image. Then create the image 🙂

This gives you a complete (minus excluded files) disk image without worrying about violating a EULA.  You could do this the hard way by using WinHex to overwrite every single file in question.  Or you can mass exclude files in one fell swoop with XWF and bam.  Image done.  Now you have something to give out to your class.

I’ve always wondered why some instructors give out complete images of a single system and make the student “promise” not to distribute the files…that is a bit too trusting in my opinion.   And come on, you know who you are…

<and I’ll leak a little information from the book on the cleansed image feature.  you can use this technique to remove private/privileged/protected data from an image to comply with a court order but can’t produce specific protected data on the image.  an example being a civil case where you need to turn over an image to the opposing expert but have privileged files on the image. don’t hex edit it, cleanse it!>

The XWF Guide has dozens of these kinds of tips and tricks, but you get one today for free.  Get the book for the rest of the tips and tricks, you will without a doubt, find something worthwhile that will save you hours or days of work.

XWF Guide as #2 best seller (in Forensic Science) on Amazon

We’ve gotten quite a bit of personal email feedback on the XWF Guide, and in one category at Amazon (Forensic Science), the XWF Guide ranks at #2.

There’s been only one Amazon review, so let us know if you found the book helpful with a review on Amazon.  We will be very grateful for nice 🙂 words, but we’ll take any criticisms as well 😦no 2

Another short-run sale

Elsevier – Snygress has another sale, but this time it is 50% off.  You have only a few days to take advantage of it (I am…).  There is a limit of two books, so if you were looking for a second book to add, how about this one: http://store.elsevier.com/product.jsp?isbn=9781597499859&pagename=search

50

XWF Guide Review by Ken Pryor

Ken Pryor wrote a very in-depth review of the XWF Guide.   Ken has a very informative DF blog and we’re glad to have been mentioned in such detail.  Thank you Ken for the nice review.

Check out Ken’s review at:  http://digiforensics.blogspot.com/2013/09/book-review-x-ways-forensics.html

And of course, here is a direct link to order the XWF Guide…

Xways-CoverFrom Amazon

Want a free and signed copy of the XWF Guide? It’s yours!

Xways-Cover

That’s right, a free signed copy of the XWF Guide is yours, but only IF you can win the contest.

http://hackingexposedcomputerforensicsblog.blogspot.com/

On a related note, check out Eric’s interview on his ongoing imaging tests on YouTube.

And the winner is….

http://hackingexposedcomputerforensicsblog.blogspot.com/2013/09/daily-blog-78-sunday-funday-9813-winner.html

The XWF Guide aka, “going like hot cakes”

Not to put on any pressure, but I’ve been informed the XWF Guide is planned for reprint due to the preorder demand.  For those that preordered, that was a good idea, you may have your guide by now or it’s in the mail.  For those that were waiting for the book to come out first instead of preordering, you may want to hurry.   I’m not sure how long it takes to reprint more books (that’s like, beyond the guys that just type the words…).  Then again, you could always wait for the next go around for reprints…

Amazon still looks to have the best price, but only a few copies left before they have to order more.

The X-Ways Practitioner’s Guide (Amazon)

press

**Update**

Looks like most have received their preorders, and those that waited late might have to wait again for a reprint.  Direct link to Amazon – XWF Guide.

Guess I’m not the only one with a Kindle…

Looks like more Kindle readers than paperback readers.   Then again, it’s easier to have the Kindle at your desk than a stack of books when you are fighting through hex, decoding registry values, and spilling coffee on the desk.

kindle

Direct link to order the Kindle:  X-Ways Guide – Kindle

Direct link to order the old fashioned book:  X-Ways Guide – Book

Last day for the 40% discount on the XWF Guide!

This is one of those times that procrastinating will cost you money….

What will you tell yourself when you have to spend twice as much for the XWF Guide after tomorrow?

 

40

 

http://store.elsevier.com/product.jsp?isbn=9780124116054&_requestid=665676

And shipping is free?  Wow.  Doesn’t get much better than that. 

%d bloggers like this: