---

Python Forensics provides many never-before-published proven forensic modules, libraries, and solutions that can be used right out of the box. In addition, detailed instruction and documentation provided with the code samples will allow even novice Python programmers to add their own unique twists or use the models presented to build new solutions.

Rapid development of new cybercrime investigation tools is an essential ingredient in virtually every case and environment. Whether you are performing post-mortem investigation, executing live triage, extracting evidence from mobile devices or cloud services, or you are collecting and processing evidence from a network, Python forensic implementations can fill in the gaps.

Drawing upon years of practical experience and using numerous examples and illustrative code samples, author Chet Hosmer discusses how to:

Develop new forensic solutions independent of large vendor software release schedules
Participate in an open-source workbench that facilitates direct involvement in the design and implementation of new methods that augment or replace existing tools
Advance your career by creating new solutions along with the construction of cutting-edge automation solutions to solve old problems

Provides hands-on tools, code samples, and detailed instruction and documentation that can be put to use immediately
Discusses how to create a Python forensics workbench
Covers effective forensic searching and indexing using Python
Shows how to use Python to examine mobile device operating systems: iOS, Android, and Windows 8
Presents complete coverage of how to use Python scripts for network investigation

---

1. Why Python Forensics 2. creating a Python Forensics Workbench 3. Let´s Write Our First Python Forensics App 4. Effective Forensic Searching and Indexing using Python 5. Evidence Carving with Python 6. Timeline Evidence with Python 7. Natural Language Processing of Evidence using Python 8. Examining Mobile Device Evidence with Python 9. Log File Analysis 10. Python Scripts for Network Investigation 11. Investigating the Cloud 12. Future Expansion

---

"Covering a panoply of techniques from search to network forensics, reading this book will expand the reader´s understanding of both forensics and the Python libraries." --Computing Reviews, December 2014

"Overall, the book is well laid out. The first few chapters cover some important forensic challenges. The code is easy to follow and well commented." --Help Net Security, December 2014

---