Practical Cyber Intelligence

Book description

Overview of the latest techniques and practices used in digital forensics and how to apply them to the investigative process

Practical Cyber Intelligence provides a thorough and practical introduction to the different tactics, techniques, and procedures that exist in the field of cyber investigation and cyber forensics to collect, preserve, and analyze digital evidence, enabling readers to understand the digital landscape and analyze legacy devices, current models, and models that may be created in the future. Readers will learn how to determine what evidence exists and how to find it on a device, as well as what story it tells about the activities on the device.

Over 100 images and tables are included to aid in reader comprehension, and case studies are included at the end of the book to elucidate core concepts throughout the text.

To get the most value from this book, readers should be familiar with how a computer operates (e.g., CPU, RAM, and disk), be comfortable interacting with both Windows and Linux operating systems as well as Bash and PowerShell commands, and have a basic understanding of Python and how to execute Python scripts.

Practical Cyber Intelligence includes detailed information on:

  • OSINT, the method of using a device’s information to find clues and link a digital avatar to a person, with information on search engines, profiling, and infrastructure mapping
  • Windows forensics, covering the Windows registry, shell items, the event log, and much more
  • Mobile forensics, understanding the difference between Android and iOS and where key evidence can be found on the device

Focusing on methodology that is accessible to everyone without any special tools, Practical Cyber Intelligence is an essential introduction to the topic for all professionals looking to enter or advance in the field of cyber investigation, including cyber security practitioners and analysts and law enforcement agents who handle digital evidence.

Table of contents

  1. Cover
  2. Table of Contents
  3. Title Page
  4. Copyright
  5. Dedication
  6. About the Author
  7. Preface
  8. Acknowledgments
  9. Introduction
  10. 1 Intelligence Analysis
    1. 1.1 Intelligence Life Cycle
    2. 1.2 Cyber Threat Intelligence Frameworks
    3. 1.3 Summary
    4. Notes
  11. 2 Digital Forensics
    1. 2.1 Device Collection
    2. 2.2 Preservation
    3. 2.3 Acquisition
    4. 2.4 Processing
    5. 2.5 Analysis
    6. 2.6 Documentation and Reporting
    7. 2.7 Summary
    8. Note
  12. 3 Disk Forensics
    1. 3.1 Acquisition
    2. 3.2 Preparation
    3. 3.3 Analysis
    4. 3.4 File and Data Carving
    5. 3.5 Summary
    6. Notes
  13. 4 Memory Forensics
    1. 4.1 Acquisition
    2. 4.2 Analysis
    3. 4.3 Summary
    4. Notes
  14. 5 SQLite Forensics
    1. 5.1 Analyzing
    2. 5.2 Summary
    3. Notes
  15. 6 Windows Forensics
    1. 6.1 New Technology File System (NTFS)
    2. 6.2 Acquisition
    3. 6.3 Analysis
    4. 6.4 Evidence Location
    5. 6.5 Summary
    6. Notes
  16. 7 macOS Forensics
    1. 7.1 File System
    2. 7.2 Security
    3. 7.3 Acquisition
    4. 7.4 Analysis
    5. 7.5 Evidence Location
    6. 7.6 Summary
    7. Notes
  17. 8 Linux Forensics
    1. 8.1 File System
    2. 8.2 Security
    3. 8.3 Acquisition
    4. 8.4 Analysis
    5. 8.5 Evidence Location
    6. 8.6 Summary
    7. Notes
  18. 9 iOS
    1. 9.1 File System
    2. 9.2 Security
    3. 9.3 Applications
    4. 9.4 Acquisition
    5. 9.5 iCloud
    6. 9.6 Analysis
    7. 9.7 Evidence of Location
    8. 9.8 Summary
    9. Notes
  19. 10 Android
    1. 10.1 File Systems
    2. 10.2 Security
    3. 10.3 Application
    4. 10.4 Acquisition
    5. 10.5 Analysis
    6. 10.6 Evidence of Location
    7. Notes
  20. 11 Network Forensics
    1. 11.1 Acquisition
    2. 11.2 Analysis
    3. 11.3 Summary
    4. Notes
  21. 12 Malware Analysis
    1. 12.1 Acquiring Malware Samples
    2. 12.2 Handling Malware Samples
    3. 12.3 Analysis
    4. 12.4 Summary
    5. Notes
  22. 13 OSINT
    1. 13.1 Methodology
    2. 13.2 Documentation
    3. 13.3 Securing Yourself (OPSEC)
    4. 13.4 Search Engines
    5. 13.5 Profiling
    6. 13.6 Hunt for Data
    7. 13.7 Infrastructure Mapping
    8. 13.8 Automation of OSINT Tasks
    9. 13.9 Summary
    10. Notes
  23. 14 Case Studies
    1. 14.1 Case of “The Missing Author”
    2. 14.2 The Insider Threat
  24. 15 Ending
    1. 15.1 What’s the Next Step?
    2. Notes
  25. Index
  26. End User License Agreement

Product information

  • Title: Practical Cyber Intelligence
  • Author(s): Adam Tilmar Jakobsen
  • Release date: August 2024
  • Publisher(s): Wiley
  • ISBN: 9781394256099