https://itunes.apple.com/us/book/x-ways-forensics-practitioners/id694171610?mt=11

Very cool.  Meet Eric Zimmerman and Craig Ball at The Inaugural Australian X-Ways Users Conference in Canberra in March 2014!

The best part...you get a copy of the XWF Guide :)

 

 

] If you can't make it to this conference, get the book!
Click to order, Amazon still has the best price.

 

 

 

 

 

WinFE Twitter account compromised...now WinFE is following over a thousand new Twitter users...too bad none of those that are actually the kind of accounts to follow...clean up time...

We've gotten quite a bit of personal email feedback on the XWF Guide, and in one category at Amazon (Forensic Science), the XWF Guide ranks at #2.

There's been only one Amazon review, so let us know if you found the book helpful with a review on Amazon.  We will be very grateful for nice :) words, but we'll take any criticisms as well :(

Elsevier - Snygress has another sale, but this time it is 50% off.  You have only a few days to take advantage of it (I am...).  There is a limit of two books, so if you were looking for a second book to add, how about this one: http://store.elsevier.com/product.jsp?isbn=9781597499859&pagename=search

Ken Pryor wrote a very in-depth review of the XWF Guide.   Ken has a very informative DF blog and we're glad to have been mentioned in such detail.  Thank you Ken for the nice review.

Check out Ken's review at:  http://digiforensics.blogspot.com/2013/09/book-review-x-ways-forensics.html

And of course, here is a direct link to order the XWF Guide...

From Amazon

That's right, a free signed copy of the XWF Guide is yours, but only IF you can win the contest.

http://hackingexposedcomputerforensicsblog.blogspot.com/

On a related note, check out Eric's interview on his ongoing imaging tests on YouTube.

And the winner is....

http://hackingexposedcomputerforensicsblog.blogspot.com/2013/09/daily-blog-78-sunday-funday-9813-winner.html

So far, we've had a lot of positive feedback on the XWF Guide, so much so, that the second edition (should that happen) will have a few added things.  Like...a companion CD with sample data and slidedecks for classroom use.

However, before a second edition is started, this edition has to first be outdated by updates in XWF.

The bad news on a second edition is that we wrote the book to cover XWF for some time to come even with the expected updates that occur every month or so. That means a second edition isn't likely until we see a major change in XWF.

The good news on a second edition is that we wrote the book to cover XWF for some time to come even with the expected updates that occur every month or so.  That means this book will last you well into your expertise is solid with XWF.

For the college and university profs and instructors, we'd be glad to help review your slidedecks if you will be using the book in your course.  Potentially, we may be able to create a set of slidedecks (with help from those teaching) to make available to any schools using XWF).

[caption id="attachment_343" align="aligncenter" width="528"] Do you teach XWF in your college class? We'd be happy to help your slidedecks with reviews and suggestions if you need.

Not to put on any pressure, but I've been informed the XWF Guide is planned for reprint due to the preorder demand.  For those that preordered, that was a good idea, you may have your guide by now or it's in the mail.  For those that were waiting for the book to come out first instead of preordering, you may want to hurry.   I'm not sure how long it takes to reprint more books (that's like, beyond the guys that just type the words...).  Then again, you could always wait for the next go around for reprints...

Amazon still looks to have the best price, but only a few copies left before they have to order more.

The X-Ways Practitioner's Guide (Amazon)

**Update**

Looks like most have received their preorders, and those that waited late might have to wait again for a reprint.  Direct link to Amazon - XWF Guide.

http://scitechconnect.elsevier.com/


Our publisher has a new blog written by their authors.  So, for all of us that read books by Syngress (an imprint of Elsevier), you may find your favorite authors writing about something of interest.  Although it is yet another blog, it's also a little different being that it one place with their authors writing posts about the books we read.

And of course, the X-Ways Guide has a post too...

Looks like more Kindle readers than paperback readers.   Then again, it's easier to have the Kindle at your desk than a stack of books when you are fighting through hex, decoding registry values, and spilling coffee on the desk.

Direct link to order the Kindle:  X-Ways Guide - Kindle

Direct link to order the old fashioned book:  X-Ways Guide - Book

I'm still working toward putting together a standalone, one-button push WinFE creation with some great helpers, but haven't had the time to fully focus on it to make sure I get it working smoothly.   But, I plan to have something done within the next month that anyone will be able to build their own customized WinFE with the least amount of hassle.   Stay tuned...I'm pounding away at the keyboard to get to it.

On another note with book stuff, the X-Ways Forensics Practitioner's Guide written by Eric Zimmerman and myself is available on Kindle today.  The printed edition is coming very soon, but if you want to have it in your hands in less than a minute, click here and order the Kindle version:  X-Ways Forensics Practitioner's Guide



This is my second book, with my first being Placing the Suspect Behind the Keyboard.  The XWF Guide is much more technical than my first book, with good reason.  Placing the Suspect Behind Keyboard goes beyond technical details and gives an overall perspective of high tech investigations.  This includes the computer forensics analysis, but also includes GPS intelligence, online social networking investigations, cell phone analysis, report writing, case management, and case presentation.  I wrote this book for those new to the field to start out on the right track and for those analysts that have buried themselves deep into their monitor to go back to thinking outside the (CPU) box.   If for nothing else, this book will give you plenty of information to pin the suspect to the computer (or cell phone) with enough circumstantial evidence to choke the defense.  And in that light, it also gives information to prevent placing the wrong person at the keyboard, which is even more important!  After all, although the data is what the data is, you are uncovering the truth and not forcing your beliefs into a case.

I also want to give my two cents on some other really good books that I refer to on a regular basis.  I also believe these should be part of every examiner's desk reference.  This is only  "Brett's Review" so take it for what its worth.

Digital Forensics with Open Source Tools by Cory Altheide and Harlan Carvey.   If you do this work long enough, you'll find that you just can't afford every tool in existence, and for the tools you use, they don't always do what you want.  This is a great book on using open source tools.  If you don't use open source, you are really missing out on some great stuff.  I am a huge fan of open source tools, with RegRipper being one of these useful utilities.

Windows Registry Forensics by Harlan Carvey.  I cannot imagine any forensic examiner NOT having this book already.  This is one of those books where you say, "Of course I have that book, don't you?".  Harlan also writes like a person talks, as if the book is written specifically for the reader to get it.  Easy to understand, to the point, and practical.  I kinda like no-nonsense and get-to-the-point books...

Windows Forensic Analysis Toolkit 3E by Harlan Carvey.  Again, another book that I cannot imagine not being on your desk already.   I also can't wait for WFA/4E to be published...hint, be bery bery quiet....Harlan is working on it right now....

File System Forensic Analysis by Brian Carrier.  Some books never go out of style and this is one of those books.  This is also one of those books that should have been written years before it was eventually written, mostly because I could have really used it when first starting out in forensics rather than beating my head against the desk.

I have a LOT more, but these are my main books that are always within arms reach, dog-eared, highlighted, written on, referenced constantly, and used as refreshers all the time.  I figure that if you are going to order a book, pick a few good ones at the same time.  But then again, I assume you have all of these already because I don't know how I could have done without them.

Now...it's back to work to get your WinFE up and running :)

**Update on books***

My first book, "Placing the Suspect Behind the Keyboard" is on sale at half price from the publisher until Sept 22.  Maybe a good time to take advantage of the sale :)

It certainly feels like a long time has passed, but the time is finally here, at least for the Kindle. Order through Amazon and you can have the book on your Kindle in less than a minute. 

Although it feels like it took a long time (at least for me), Eric and I finished the book 6 months ahead of schedule.  If you don't have a Kindle, you can at least read the Introduction through the link below.  We hope (and know) this guide will be your best friend to your XWF dongle.

Order from Amazon.com at  "X-Ways Forensics Practitioner's Guide"

But, Amazon still has the discount as of right now!  My guess is that Amazon will be ending their 40% discount since the publisher ended their sale.  So you may not have missed the boat yet, but you may want to hurry.

 

Order from Amazon.com at  "X-Ways Forensics Practitioner's Guide"

 

This is one of those times that procrastinating will cost you money....

 

What will you tell yourself when you have to spend twice as much for the XWF Guide after tomorrow?

 

 

 

 

 

 

 

 

http://store.elsevier.com/product.jsp?isbn=9780124116054&_requestid=665676

 

 

And shipping is free?  Wow.  Doesn't get much better than that.