Don’t forget to vote for the XWF Guide at http://forensic4cast.com/2014/04/2014-forensic-4cast-awards-meet-the-nominees/. But of course, only vote if you liked it 🙂
And if you didn’t like it (which means you don’t have XWF…), vote for my other book, Placing the Suspect Behind the Keyboard. But again, only vote if you liked it 🙂
And if you didn’t like that book either…give me your phone number. We need to talk…
I just saw that the book of the year nominees at the Forensic 4cast Awards include both the X-Ways Practitioner’s Guide and Placing the Suspect Behind the Keyboard. For those that made the nominations, that was very kind. For those that vote for either book, I thank you in advance.
Both books are pretty good. Each gives plenty of tips and information to save you hours of frustration, and more importantly, close some cases. There is a sample chapter of Placing the Suspect Behind the Keyboard here: http://searchsecurity.techtarget.com/feature/Placing-the-Suspect-Behind-the-Keyboard There are reviews at Amazon for both books that may be helpful if you were thinking of getting either book.
If you use X-Ways…..you need the X-Ways Guide, no matter how long you have been using X-Ways. When I asked Eric to help me write this book, he ran with it and did a super job of helping create an easy to read guide to using a very powerful forensic tool. I have more than a ton of emails of how the book converted Encase/FTK primary users into XWF primary users.
As for the Placing the Suspect Behind the Keyboard, that has also helped more than a few examiners close a case with a simple (yet elusive) tip, trick, method, or process that saves hours, if not days, of work. Again, even if you have been doing forensics for a long time, nothing says you can’t learn or relearn something you may not know or have forgotten.
Thanks again to everyone.
Brett
I previously posted that a book on FTK is sure to come along, since we have the best book of X-Ways and the other book on Encase. Now comes a book on FTK. Just like the XWF Guide or the upcoming Encase guide, I wouldn’t see any reason for a FTK user to not have a book on FTK.
It makes sense to have “the” book on X-Ways, “the” book on Encase, and “the” book on FTK. By having books on your major forensic suites, it is easier to compare what suite “A” does compared to tools “B” and “C” as well as how to get from point A to B using each tool.
So….how about that book on ProDiscover? Anyone? Grab the opportunity before someone else does. I promise to buy it, as I have already ordered the FTK and Encase books.
I have brief reviews on my favorite DF books at http://winfe.wordpress.com/books/
————————————————————————–
I know, this has nothing to do with X-Ways Forensics. But hey, the X-Ways Practitioner’s Guide was first…
Practically, this seems like a good book for Encase users to park on the shelf (while the X-Ways Practitioner’s Guide sits on your desk next to your keyboard).
So, when is that book on “FTK” coming out….and who is going to write it?…And if you do want to write it, give Syngress a shout.
Taking WinFE to even another level on a multiboot thumbdrive. Very cool, but I spread this word to you because there are few things in life neater than a forensically bootable CD/USB with X-Ways Forensics.
The X-Ways Users Conference is here in a few weeks. My kind of conference: Australia and fellow X-Ways users!
Maybe next year for me…but it sure would make for a good vacation, I mean, training trip.
Not that many years ago, you would not find a requirement of having experience with X-Ways to apply for a DFIR job. But now, some jobs recommend it and yet some others require it. This is not to say the other big players (Encase, Accessdata, etc..) are not needed or useful, just that XWF has made it to the same level at a price point that will probably not be beat with capabilities that still outpace other tools.
So……it makes sense to know a little about the tool that might put you over the edge for that next job. Of course, you need to be competent too, but like I’ve said before, “beware the examiners that use X-Ways Forensics because they probably know what they are doing.”
For the future XWF users, check out www.x-ways.net for some details, download and read a quick guide, and when you move forward with XWF, buy the book 🙂
From a twitter post, a cool video on imaging with X-Ways noted (13:50) as doing something other tools don’t. The entire video is actually pretty good too.
I’m duplicating this post from another blog because this will probably be the coolest book to come out this year in digital forensics and is a must-have. The short version as to why the book is a must-have is “duh, it’s Harlan’s latest book…and Windows 8…”
I’ll wait to give an “official” review of Harlan’s book (Windows Forensic Analysis Toolkit, Fourth Edition: Advanced Analysis Techniques for Windows 8) only to give others the chance to read it once it becomes available. But…I’ll say that based on my early reading as a tech editor, this is a book that ranks for me in as much anticipation as a new Tom Clancy novel being released.
I also think this is one of those books that if not pre-ordered, will have you waiting until it is reprinted due to being over-ordered. The X-Ways Practitioner’s Guide was one of those books too, where late-comers had to wait weeks for the second printing. This book is no different, because just about all of the neat things in the book show just how much Harlan has discovered in some very neat areas of Windows 8.
One thing I learned about ordering books from Amazon, is that Amazon will pretty much match the lowest price found elsewhere. I also learned that with a pre-ordered book, you can cancel before the book is printed if you find a lower price somewhere else. The point is, pre-order the book or you may be waiting a month after everyone else gets their copy…it comes out in April ’14 and I’d expect the second printing to be needed in April ’14…
I have a detailed review of this book at http://winfe.wordpress.com. In short, it’s a really good book and of all tools to choose for the research in the book, the authors picked X-Ways Forensics. But then, that should not come as any surprise.
There’s still time to ask Santa to put this in your stocking…
The X-Ways Forensics Practitioner's Guide/2E 