Mon premier blog

File System Forensic Analysis Brian Carrier
Publisher: Addison-Wesley Professional

I'm pretty sure this dude dreams in binary. I have a huge interest in file system forensics, so I have been following his Tri-Force blog posts and was anxious to hear his scheduled talk on the NTFS Logfile Forensics/Tri-Force during CEIC. I have been spending some time reading File System Forensic Analysis by Brian Carrier which is considered by many to be the primary resource on the subject of file system forensics. This chapter breaks down a file's content and metadata. Made a quick reference guide to DOS/GPT partitioning schemes for my File System Forensics Class. Autopsy automates many of the tasks required during a digital forensic analysis using the TASK collection of powerful command line tools as a foundation. For example, chapter 4 is dedicated to the HFS+ file system used by Macintosh computers and drills down to disk level file system forensics. The New Technology File System (NTFS) is a file system developed and introduced by Microsoft in 1995 with Windows NT. Digital Forensics with Open Source Tools: Using Open Source Platform Tools for Performing Computer Forensics on Target Systems: Windows, Mac, Linux, Unix, 4) Chapter 8 on File Analysis is the longest chapter (41 pages in length), covering analysis of image files, audio and video files, archive files, and documents. Here's a starter list: File System Forensic Analysis, Brian Carrier.