some sources of knowledge

If Tyrhex show you the bytes and analyse file systems based on the concepts, you can enhance your knowledge by reading some of the following books :

  • File System Forensic Analysis 
    (Brian Carrier 2005)
    a bit old, but never outdated reference on file systems with a forensic approach
  • Digital Forensics with Open Source Tools
    (Cory Atheide and Harlan Cavey 2011)
    how and why using open source tools to do IT forensics
  • Advanced Mac OS programming : The Big Nerd Ranch
    (Mark Dimple 2011)
    a deep analyse on HFS file 
    system
  • Mac OS X and IOS Internals : To the Apple’s Core
    (Jonathan Levin 2012)
    demystification of HFS file system
  • Digital Archaeology : The Art and Science of Digital Forensics
    (Michael W. Graves 2013)
    Good overview of tools and methods, leading to handle a whole digital forensics investigation
  • Windows Forensic Analysis Toolkit 
    (Harlan Carvey 2014)
    with some interesting topics on recent Windows versions
  • UCD MSc Computer Forensics 
    the University College of Dublin organise an excellent MSc in Digital Investigation and Computer Forensics. For Law Enforcement people, the MSc in Forensic Computing and Cybercrime Investigations is a strong knowledge base too.
  • The Art of War
    (Sun Tzu  
    孙子 5th Century BC)
    almost all sentences are usuable when handling IT crime cases
  •   and some experience acquired during 15 years as IT forensic expert using commercial and open source forensic tools working with clever people on criminal cases.
tyrhex © Yves Vandermeer  2015-2017   #tyrhex