This is the code repository for Python Digital Forensics [Video], published by Packt. It contains all the supporting project files necessary to work through the video course from start to finish.
Python is uniquely positioned as a programming language to perform cyber investigations and perform forensics analysis. Unleash the power of Python by using popular libraries and Python tools to help you create efficient and thorough forensics investigations. This course will walk you through digital forensics on network traffic, host analysis, and memory analysis.
The course starts with network forensics, an important aspect of any investigation. You will learn to read, sort, and sniff raw packets and also analyze network traffic. These techniques will help you drive your host analysis. You will learn about tools you'll need to perform a complete investigation with the utmost efficiency in both Windows and GNU/Linux environments with Python. Next, you will learn more advanced topics such as viewing data in PE and ELF binaries. It's vital to analyze volatile memory during an investigation as it provides details about what is actually running on a given system. So, you will learn the best tools to obtain and analyze volatile memory images. Finally, you will learn how to use Python in order to think like an attacker. You will complete enumeration, exploitation, and data exfiltration.
By the end of the course, you will be able to make the most of Python processes and tackle varied, challenging, forensics-related problems. So, grab this course and think like an attacker!
- Think like an attacker and solve forensics issues with more efficiently
- Learn network forensics to drive your host analysis
- Investigate with the utmost efficiency in Windows and GNU/Linux environments
- Learn advanced data-viewing topics in file analysis
- Get the best tools to obtain and analyze volatile memory images
- Use Python to complete enumeration, exploitation, and data exfiltration
To fully benefit from the coverage included in this course, you will need:
Prior programming experience is beneficial but not required.
This course has the following software requirements:
A system with Python IDE installed.