Join Us!

Notifications
Clear all

Forensic resources  

  RSS
keydet89
(@keydet89)
Community Legend

All,

I'd like to get an idea of the following

1. What other forensic resources do you use? Are there any technically-oriented listservs or groups that you frequent?

2. What technically-oriented web sites do you go to?

3. What technically-oriented blogs do you have bookmarked and/or visit regularly?

4. Books.

Thanks,

Harlan

Quote
Posted : 13/12/2005 4:08 pm
hogfly
(@hogfly)
Active Member

resources and sites
security focus mailing list -forensics
this site
linux forensics mailing list
computerforensicsworld.com
infosyssec.com
sans -ISC, reading room
ijde
dfrws
norman.sandbox.no
virustotal.com
virus.jotti.org
winhex forums
irc
e-evidence.info
opensourceforensics.org
DOJ, NSRL
sleuthkit.org

blogs
yours
taosecurity
wormblog
russinovich
F-secure

books
yours
computer forensics -incident response essentials -kruse
software forensics -slade
computer forensics -vacca
art of computer virus research and defense -szor
inside the windows nt filesystem -custer
tao of NSM -beitlich
extrusion detection -beitlich
RDF - jones, beitlich
File system forensic analysis -carrier
guide to computer forensics & investigations -phillips, nelson et al.
incident response
SANS GCIH material

I'm sure there's more that I have and use..but that's what comes to mind (my bookmarks are on my laptop).

ReplyQuote
Posted : 13/12/2005 6:48 pm
arashiryu
(@arashiryu)
Active Member
Sall1
(@sall1)
New Member

I am very much learning, and have only recently found this site.

The other site I visit frequently though is Computer Forensics World at
http//www.computerforensicsworld.com

As a learner I also recently bought a starter kit which I fend useful, called the Computer Forensics Toolkit http//computer-forensics.privacyresources.org

I have submitted both to the links area, and suggest the sites listed by arashiryu are submitted too.

I hope this helps.

ReplyQuote
Posted : 20/12/2005 9:15 pm
schlecht
(@schlecht)
Junior Member

Listservs and groups

All the securityfocus groups pretty much
insecure.org groups
nessus groups

Website and blogs

security-forums.com
computerforensicworld.com infrequently
gentoo.org
get an rss feed from Day in the Life of a Security Investigator

Books so far

Yours keydet89
Forensic Discovery - Farmer and Venema
Pretty much all the DOJ NIJ books

….and more to come.

ReplyQuote
Posted : 20/12/2005 10:42 pm
koko
 koko
(@koko)
New Member

Don't forget code oriented sites like
http//www.codeproject.com
http//www.codeguru.com
http//www.oreillynet.com/
http//sourceforge.net/

for example, code project has this article
http//www.codeproject.com/system/VmDetect.asp
where the author explains how a program can tell if it is being run inside of vmware or virtualpc.

browsing or searching through sourceforge often helps because you can look at source code. IExtract is the last one i was taking a look at to try to learn of other ways to get metadata and to see what other file formats they covered.

ReplyQuote
Posted : 22/12/2005 12:04 am
keen
 keen
(@keen)
New Member

i'm interested in foreign sources as well. so far a lot of stuff i've seen tends to be US centric, which is cool, but that makes me wonder if foreign companies and law enforcement are relying on US lead in this area, or are they developing their own expertise in the field?

ReplyQuote
Posted : 06/04/2006 9:11 pm
Share: