Table des matières

Pré-requis

  1. Procédure forensique lien1 lien2
  2. Architecture disques durs lien1
  3. Processus de boot lien1
  4. MBR lien1 lien2
  5. Live memory lien1 lien2
  6. Analyse de logs lien1

Windows

  1. Windows file systems (FAT, NTFS) lien1 lien2
  2. Registres lien1

Linux

  1. Linux file systems (ext2/3) lien1 lien2 lien3

Mac

  1. Mac file systems (UFS) lien1

Lectures conseillées

  1. The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory lien1
  2. Computer Forensics JumpStart lien1
  3. Digital Forensics for Legal Professionals: Understanding Digital Evidence From The Warrant To The Courtroom lien1
  4. Digital Forensics with Open Source Tools lien1
  5. Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry lien1
  6. File System Forensic Analysis lien1
  7. Hacking Exposed Computer Forensics, Second Edition: Computer Forensics Secrets & Solutions lien1
  8. The Lure: The True Story of How the Department of Justice Brought Down Two of the World's Most Dangerous Cyber Criminals [Livre] lien1

Outils

  1. Helix
  2. Caine
  3. Encase
  4. FTK + FTK Imager
  5. TSK + Autopsy
  6. Volatility
  7. Rekall Memory Forensic Framework
  8. Memoryze
  9. Liste → http://forensiccontrol.com/resources/free-software/

Cheat sheet

  1. Forensic Process Cheatsheet
  2. Linux Forensic Cheatsheet
  3. Volatility Cheatsheet

Blogs

  1. http://digiforensics.blogspot.fr/
  2. http://journeyintoir.blogspot.fr/
  3. http://www.forensickb.com/
  4. http://forensicsfromthesausagefactory.blogspot.fr/
  5. http://sysforensics.org/
  6. http://forensicsource.blogspot.fr/
  7. http://girlunallocated.blogspot.fr/
  8. http://dfsforensics.blogspot.fr/
  9. http://whereismydata.wordpress.com/

Ressources

  1. File signatures
  2. Cours1
  3. Cours2
  4. Forensic wiki