Over 10 mio. titler Fri fragt ved køb over 499,- Hurtig levering Forlænget returret til 31/01/25

OS X Incident Response

- Scripting and Analysis

  • Format
  • Bog, paperback
  • Engelsk

Beskrivelse

OS X Incident Response: Scripting and Analysis is written for analysts who are looking to expand their understanding of a lesser-known operating system. By mastering the forensic artifacts of OS X, analysts will set themselves apart by acquiring an up-and-coming skillset. Digital forensics is a critical art and science. While forensics is commonly thought of as a function of a legal investigation, the same tactics and techniques used for those investigations are also important in a response to an incident. Digital evidence is not only critical in the course of investigating many crimes but businesses are recognizing the importance of having skilled forensic investigators on staff in the case of policy violations. Perhaps more importantly, though, businesses are seeing enormous impact from malware outbreaks as well as data breaches. The skills of a forensic investigator are critical to determine the source of the attack as well as the impact. While there is a lot of focus on Windows because it is the predominant desktop operating system, there are currently very few resources available for forensic investigators on how to investigate attacks, gather evidence and respond to incidents involving OS X. The number of Macs on enterprise networks is rapidly increasing, especially with the growing prevalence of BYOD, including iPads and iPhones. Author Jaron Bradley covers a wide variety of topics, including both the collection and analysis of the forensic pieces found on the OS. Instead of using expensive commercial tools that clone the hard drive, you will learn how to write your own Python and bash-based response scripts. These scripts and methodologies can be used to collect and analyze volatile data immediately. For online source codes, please visit: https://github.com/jbradley89/osx_incident_response_scripting_and_analysis

Læs hele beskrivelsen
Detaljer
  • SprogEngelsk
  • Sidetal270
  • Udgivelsesdato14-05-2021
  • ISBN139780128044568
  • Forlag Syngress Media,u.S.
  • FormatPaperback
Størrelse og vægt
  • Vægt570 g
  • coffee cup img
    10 cm
    book img
    19,1 cm
    23,5 cm

    Findes i disse kategorier...

    Se andre, der handler om...

    Flashback Quarantine Vol antivirus Logs Lateral Movement Cyber Kill Chain Gatekeeper SIP Opera history HFS Access Control Lists apple malware persistence apple system logs browser timeline bash hacks bash tricks Auto start extensibility points aseps attacker timeline browser plugin malware bash analysis Chrome history browser analysis DTrace CVE-2013-1775 command line analysis chrome danger_types extended attributes danger types data exfiltration dyld_insert_libraries cron malware Data exfil dylib hijacking incident response shell commands keychain MacPmem intrusion timeline log rotation Mac Memory Analysis KEXT persistence keychaindump Firefox History File Hierarchy Layout launchctl Memory analysis login hooks Mac file system Mac volatility mdfind memory collection OS X exfil OS X Incident Response OS X lateral movement OS X malware persistence overrides.plist OS X disable network OS X file system OS X Kill Chain OS X volatile data osx passwords Privilege Escalation OS X firewall Safari History plugin malware Posix Permissions shellshocked KEXT malware Setuid launchagents launch agents sqlite3 history mac malware persistence timestamp analysis setgid volatility framework the Sandbox launchdaemons launch daemons YARA logout hooks mac forensic collection OS X memory analysis os x metasploit OSXpmem parse syslog Log Timeline PKzip magic numbers OS X forensic collection OS X volatility OS X Quarantine system Rekall Framework resource forks securityd X-Protect sudo piggybacking System Integrity Protection Yara rules
    Machine Name: SAXO081