Join Us!

Notifications
Clear all

Question: forensic oriented scripting or programming courses  

  RSS
erowe
(@erowe)
Active Member

I was just wondering if anyone knew of any forensically centered programming or scripting courses out there?

I realize there are a lot of places to study Python, Perl, Bash, Power Shell, etc. But I was wondering if anyone knew of any places that might be offering these courses in a format specifically oriented toward forensics.

Quote
Posted : 25/02/2014 6:54 pm
trevin.mowery
(@trevin-mowery)
New Member

Champlain College offers a Scripting for Digital Forensics class in their online masters program curriculum.

http//www.champlain.edu/computer-forensics/masters-digital-forensics-science/curriculum

ReplyQuote
Posted : 25/02/2014 8:33 pm
Chris_Ed
(@chris_ed)
Active Member

Just to point out the obvious, as you never know Guidance run a course on the EnScript language, which is used in EnCase. It is based on C.

Also, Violent Python is a pretty cool book for examples of how to use Python to do forensic-y stuff.

ReplyQuote
Posted : 26/02/2014 2:48 pm
keydet89
(@keydet89)
Community Legend

….forensically centered programming…

…these courses in a format specifically oriented toward forensics.

Honestly, I'm not sure what either of those statements mean.

Programming is a tool, and you can make it do anything you want. The only difference between someone writing games and someone writing to solve a problem in the DFIR area is the goal, and what they hope to achieve.

ReplyQuote
Posted : 26/02/2014 5:22 pm
jaclaz
(@jaclaz)
Community Legend

The only difference between someone writing games and someone writing to solve a problem in the DFIR area is the goal, and what they hope to achieve.

Sure ) ; Encase scripts (but also PERL) are very popular among game programmers, and as you may well know it's years that the debate about DirectX vs. OpenGL is a key one among forensic programmers. wink

jaclaz

ReplyQuote
Posted : 26/02/2014 5:59 pm
BitHead
(@bithead)
Community Legend

Champlain College offers a Scripting for Digital Forensics class in their online masters program curriculum.

http//www.champlain.edu/computer-forensics/masters-digital-forensics-science/curriculum

Champlain needs to do a lot of work on that course before I would ever recommend anyone take it.

ReplyQuote
Posted : 27/02/2014 2:52 am
mscotgrove
(@mscotgrove)
Senior Member

I would suggest that a lot of forensics is involved with dealing with raw data structures. For this I suggest you look very closely at the 'C' based languages, in particular C and C++. They handle structures, bits and pointers very easily.

I once tried to something similar with PHP and was immediately VERY frustrated.

In some respects, the best language is one you can understand and know. C will let you do anything, but at the same time this can mean it will not protect you from some silly mistakes. After 31 years with C (C++) I have no intention of changing, but I am sure others will have different views.

Another big choice you need to investigate is a development environment. Again, after 20 years of Visual Studio, I have no intents to change, though I prefer 2010 to 2012.

When programming THINK in Hex, not decimal. 99% of the time it is a better way of describing most numbers

Programming is a tool, Forensics produces problems you want to solve/analyse.

ReplyQuote
Posted : 27/02/2014 6:18 am
Chris_Ed
(@chris_ed)
Active Member

I would hesitate to recommend any language over any other, really.

I mentioned EnScript as it is built into EnCase, but then XRY uses Python so that could be a good choice, too. And I personally enjoyed Violent Python, which is why I thought that might be a good resource.

But I guess that any programming language should, once you are proficient enough, one day be able to assist you with an examination or investigation in some manner. So maybe the best advice is to try a few different languages and see which one you like best?

ReplyQuote
Posted : 27/02/2014 3:26 pm
jaclaz
(@jaclaz)
Community Legend

Of course while being careful NOT to shoot one's foot wink
http//www.toodarkpark.org/computers/humor/shoot-self-in-foot.html
Namely

Python
You shoot yourself in the foot and then brag for hours about how much more elegantly you did it than if you had been using C or (God forbid) Perl.
You create a gun module, a gun class, a foot module, and a foot class. After realizing you can't point the gun at the foot, you pass a reference to the gun to a foot object. After the foot is blown up, the gun object remains alive for eternity, ready to shoot all future feet that may happen to appear.

D

jaclaz

ReplyQuote
Posted : 27/02/2014 3:49 pm
Chris_Ed
(@chris_ed)
Active Member

Hahaha. Heresey.

ReplyQuote
Posted : 28/02/2014 3:50 pm
Share: