Question: forensic ...
 
Notifications
Clear all

Question: forensic oriented scripting or programming courses

10 Posts
7 Users
0 Likes
901 Views
erowe
(@erowe)
Posts: 144
Estimable Member
Topic starter
 

I was just wondering if anyone knew of any forensically centered programming or scripting courses out there?

I realize there are a lot of places to study Python, Perl, Bash, Power Shell, etc. But I was wondering if anyone knew of any places that might be offering these courses in a format specifically oriented toward forensics.

 
Posted : 25/02/2014 6:54 pm
(@trevin-mowery)
Posts: 3
New Member
 

Champlain College offers a Scripting for Digital Forensics class in their online masters program curriculum.

http//www.champlain.edu/computer-forensics/masters-digital-forensics-science/curriculum

 
Posted : 25/02/2014 8:33 pm
Chris_Ed
(@chris_ed)
Posts: 314
Reputable Member
 

Just to point out the obvious, as you never know Guidance run a course on the EnScript language, which is used in EnCase. It is based on C.

Also, Violent Python is a pretty cool book for examples of how to use Python to do forensic-y stuff.

 
Posted : 26/02/2014 2:48 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

….forensically centered programming…

…these courses in a format specifically oriented toward forensics.

Honestly, I'm not sure what either of those statements mean.

Programming is a tool, and you can make it do anything you want. The only difference between someone writing games and someone writing to solve a problem in the DFIR area is the goal, and what they hope to achieve.

 
Posted : 26/02/2014 5:22 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

The only difference between someone writing games and someone writing to solve a problem in the DFIR area is the goal, and what they hope to achieve.

Sure ) ; Encase scripts (but also PERL) are very popular among game programmers, and as you may well know it's years that the debate about DirectX vs. OpenGL is a key one among forensic programmers. wink

jaclaz

 
Posted : 26/02/2014 5:59 pm
(@bithead)
Posts: 1206
Noble Member
 

Champlain College offers a Scripting for Digital Forensics class in their online masters program curriculum.

http//www.champlain.edu/computer-forensics/masters-digital-forensics-science/curriculum

Champlain needs to do a lot of work on that course before I would ever recommend anyone take it.

 
Posted : 27/02/2014 2:52 am
(@mscotgrove)
Posts: 938
Prominent Member
 

I would suggest that a lot of forensics is involved with dealing with raw data structures. For this I suggest you look very closely at the 'C' based languages, in particular C and C++. They handle structures, bits and pointers very easily.

I once tried to something similar with PHP and was immediately VERY frustrated.

In some respects, the best language is one you can understand and know. C will let you do anything, but at the same time this can mean it will not protect you from some silly mistakes. After 31 years with C (C++) I have no intention of changing, but I am sure others will have different views.

Another big choice you need to investigate is a development environment. Again, after 20 years of Visual Studio, I have no intents to change, though I prefer 2010 to 2012.

When programming THINK in Hex, not decimal. 99% of the time it is a better way of describing most numbers

Programming is a tool, Forensics produces problems you want to solve/analyse.

 
Posted : 27/02/2014 6:18 am
Chris_Ed
(@chris_ed)
Posts: 314
Reputable Member
 

I would hesitate to recommend any language over any other, really.

I mentioned EnScript as it is built into EnCase, but then XRY uses Python so that could be a good choice, too. And I personally enjoyed Violent Python, which is why I thought that might be a good resource.

But I guess that any programming language should, once you are proficient enough, one day be able to assist you with an examination or investigation in some manner. So maybe the best advice is to try a few different languages and see which one you like best?

 
Posted : 27/02/2014 3:26 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Of course while being careful NOT to shoot one's foot wink
http//www.toodarkpark.org/computers/humor/shoot-self-in-foot.html
Namely

Python
You shoot yourself in the foot and then brag for hours about how much more elegantly you did it than if you had been using C or (God forbid) Perl.
You create a gun module, a gun class, a foot module, and a foot class. After realizing you can't point the gun at the foot, you pass a reference to the gun to a foot object. After the foot is blown up, the gun object remains alive for eternity, ready to shoot all future feet that may happen to appear.

D

jaclaz

 
Posted : 27/02/2014 3:49 pm
Chris_Ed
(@chris_ed)
Posts: 314
Reputable Member
 

Hahaha. Heresey.

 
Posted : 28/02/2014 3:50 pm
Share: