Perl scripting for Windows security : live response, forensic analysis, and monitoring /

Bibliographic Details
Author / Creator: Carvey, Harlan A.
Imprint: Burlington, Mass. : Syngress Pub., ©2007.
Description: 1 online resource (197 pages)
Language: English
Series: Safari Books Online.
Subject:
Format: E-Resource Book
URL for this record: http://pi.lib.uchicago.edu/1001/cat/bib/11177834
Hidden Bibliographic Details
Other authors / contributors: Kleiman, Dave.
ISBN: 9780080555638
0080555632
159749173X
9781597491730
Notes: Includes bibliographical references and index.
Summary: "This book is intended for anyone who has an interest in useful Perl scripting, in particular on the Windows platform, for the purpose of incident response, and forensic analysis, and application monitoring. While a thorough grounding in scripting languages (or in Perl specifically) is not required, it is helpful in fully and more completely understanding the material and code presented in this book. This book contains information that is useful to consultants who perform incident response and computer forensics, specifically as those activities pertain to MS Windows systems (Windows 2000, XP, 2003, and some Vista). Not only will consultants find this material valuable, but so will system administrators, law enforcement officers, and students in undergraduate and graduate programs focusing on computer forensics."--Jacket.
Other form: Print version: Carvey, Harlan A. Perl scripting for Windows security. Burlington, Ma : Syngress, ©2007 159749173X 9781597491730
Table of Contents:
  • pt. I. Perl scripting and live response
  • Built-in functions
  • Running processes
  • Accessing the API
  • WMI
  • Accessing the registry
  • ProScripts
  • Final touches
  • pt. II. Perl scripting and computer forensic analysis
  • Log files
  • Parsing binary files
  • Registry
  • Event logs
  • Parsing RAM dumps
  • ProScripts
  • Parsing other data
  • Final touches
  • pt. III. Monitoring Windows applications with Perl
  • Core application processes
  • Core application dependencies
  • Web services
  • Building a monitoring system.