Ebook: Mastering Python forensics: master the art of digital forensics and analysis with Python

This book will teach you how to perform forensic analysis and investigations using various Python libraries. It starts by explaining the building blocks of the Python programming language, especially ctypes, in-depth, along with how to automate typical tasks in file system analysis, common correlation tasks to discover anomalies, and templates for investigations. Next, we'll show you cryptographic algorithms that can be used during forensic investigations.;Moving on, you'll learn to sniff on the network, generate and analyze network flows, and perform log correlation with the help of Python scripts and tools. You'll get to know about the concepts of virtualization and how virtualization influences IT forensics, and you'll discover how to perform the forensic analysis of a jailbroken/rooted mobile device that is iOS or Android.;Setting up the lab and introduction to Python ctypes -- Forensic algorithms -- Using Python for Windows and Linux forensics -- Using Python for network forensics -- Using Python for virtualization forensics -- Using Python for mobile forensics -- Using Python for memory forensics.;If you are a network security professional or forensics analyst who wants to gain a deeper understanding of performing forensic analysis with Python, then this book is for you. Some Python experience would be helpful.;Finally, the book teaches you how to analyze volatile memory and search for known malware samples based on YARArules.