Similar authors to follow
Manage your follows
About Chet Hosmer
Chet Hosmer is an assistant professor of practice at the University of Arizona. He is the Founder and Technical Author at Python Forensics, Inc. a non-profit organization focused on the collaborative development of open source investigative technologies using the Python programming language.
Chet is the author of the following Syngress Titles:
Integrating Python with Leading Computer Forensic Platforms: ISBN-13: 978-0128099490 takes a definitive look at how and why the integration of Python advances the field of digital forensics. In addition, the book includes practical, never seen Python examples that can be immediately put to use.
Python Passive Network Mapping: P2NMAP ISBN-13: 978-0128027219 is the first book to reveal a revolutionary and open source method for exposing nefarious network activity.
Python Forensics, A workbench for inventing and sharing digital forensic technology. ISBN-13: 978-0124186767
Data Hiding, Exposing concealed data in multimedia, operating systems, mobile devices and network protocols, co-authored with Mike Raggo. ISBN-13: 978-1597497435
Executing Windows Command Line Investigations: co-authored with Joshua Bartolomie and Rosanne Pelli. ISBN-13: 978-0128092682 targets the needs of cyber security practitioners who focus on digital forensics and incident response. These are the individuals who are ultimately responsible for executing critical tasks such as incident response; forensic analysis and triage; damage assessments; espionage or other criminal investigations; malware analysis; and responding to human resource violations.
Chet has been researching and developing technology and training surrounding digital investigation, forensics, data hiding, steganography and cyber security for over two decades. He has made numerous appearances to discuss emerging cyber threats including National Public Radio's Kojo Nnamdi show, ABC's Primetime Thursday, NHK Japan, CrimeCrime TechTV and ABC News Australia. He has also been a frequent contributor to technical and news stories relating to cyber security and forensics and quoted by IEEE, The New York Times, The Washington Post, Government Computer News, Salon.com and Wired Magazine.
Chet delivers keynote talks on various cyber security related topics around the world each year.
Customers Also Bought Items By
You will learn how to join PowerShell's robust set of commands and access to the internals of both the MS Windows desktop and enterprise devices and Python's rich scripting environment allowing for the rapid development of new tools for investigation, automation, and deep analysis.
PowerShell and Python Together takes a practical approach that provides an entry point and level playing field for a wide range of individuals, small companies, researchers, academics, students, and hobbyists to participate.
What You’ll Learn
- Leverage the internals of PowerShell for: digital investigation, incident response, and forensics
- Leverage Python to exploit already existing PowerShell CmdLets and aliases to build new automation and analysis capabilities
- Create combined PowerShell and Python applications that provide: rapid response capabilities to cybersecurity events, assistance in the precipitous collection of critical evidence (from the desktop and enterprise), and the ability to analyze, reason about, and respond to events and evidence collected across the enterprise
Who This Book Is For
System administrators, IT personnel, incident response teams, forensic investigators, professors teaching in undergraduate and graduate programs in cybersecurity, students in cybersecurity and computer science programs, and software developers and engineers developing new cybersecurity defenses
Defending IoT Infrastructures with the Raspberry Pi provides techniques and scripts for the discovery of dangerous data leakage events emanating from IoT devices. Using Raspbian Linux and specialized Python scripts, the book walks through the steps necessary to monitor, detect, and respond to attacks targeting IoT devices.
There are several books that cover IoT, IoT security, Raspberry Pi, and Python separately, but this book is the first of its kind to put them all together. It takes a practical approach, providing an entry point and level playing field for a wide range of individuals, small companies, researchers, academics, students, and hobbyists to participate.
What You’ll Learn
- Create a secure, operational Raspberry Pi IoT sensor
- Configure and train the sensor using “normal” IoT behavior
- Establish analytics for detecting aberrant activities
- Generate real-time alerts to preempt attacks
- Identify and report data-leakage events originating from IoT devices
- Develop custom Python applications for cybersecurity
Who This Book Is ForCybersecurity specialists, professors teaching in undergraduate and graduate programs in cybersecurity, students in cybersecurity and computer science programs, software developers and engineers developing new cybersecurity defenses, incident response teams, software developers and engineers in general, and hobbyists wanting to expand the application of Raspberry Pi into both IoT and cybersecurity
Integrating Python with Leading Computer Forensic Platforms takes a definitive look at how and why the integration of Python advances the field of digital forensics. In addition, the book includes practical, never seen Python examples that can be immediately put to use. Noted author Chet Hosmer demonstrates how to extend four key Forensic Platforms using Python, including EnCase by Guidance Software, MPE+ by AccessData, The Open Source Autopsy/SleuthKit by Brian Carrier and WetStone Technologies, and Live Acquisition and Triage Tool US-LATT. This book is for practitioners, forensic investigators, educators, students, private investigators, or anyone advancing digital forensics for investigating cybercrime.
Additionally, the open source availability of the examples allows for sharing and growth within the industry. This book is the first to provide details on how to directly integrate Python into key forensic platforms.
- Provides hands-on tools, code samples, detailed instruction, and documentation that can be immediately put to use
- Shows how to integrate Python with popular digital forensic platforms, including EnCase, MPE+, The Open Source Autopsy/SleuthKit, and US-LATT
- Presents complete coverage of how to use Open Source Python scripts to extend and modify popular digital forensic Platforms
The book Executing Windows Command Line Investigations targets the needs of cyber security practitioners who focus on digital forensics and incident response. These are the individuals who are ultimately responsible for executing critical tasks such as incident response; forensic analysis and triage; damage assessments; espionage or other criminal investigations; malware analysis; and responding to human resource violations.
The authors lead readers through the importance of Windows CLI, as well as optimal configuration and usage. Readers will then learn the importance of maintaining evidentiary integrity, evidence volatility, and gain appropriate insight into methodologies that limit the potential of inadvertently destroying or otherwise altering evidence. Next, readers will be given an overview on how to use the proprietary software that accompanies the book as a download from the companion website. This software, called Proactive Incident Response Command Shell (PIRCS), developed by Harris Corporation provides an interface similar to that of a Windows CLI that automates evidentiary chain of custody and reduces human error and documentation gaps during incident response.
- Includes a free download of the Proactive Incident Response Command Shell (PIRCS) software
- Learn about the technical details of Windows CLI so you can directly manage every aspect of incident response evidence acquisition and triage, while maintaining evidentiary integrity
Python Passive Network Mapping: P2NMAP is the first book to reveal a revolutionary and open source method for exposing nefarious network activity.
The "Heartbleed" vulnerability has revealed significant weaknesses within enterprise environments related to the lack of a definitive mapping of network assets. In Python Passive Network Mapping, Chet Hosmer shows you how to effectively and definitively passively map networks. Active or probing methods to network mapping have traditionally been used, but they have many drawbacks - they can disrupt operations, crash systems, and - most importantly - miss critical nefarious activity. You require an accurate picture of the environments you protect and operate in order to rapidly investigate, mitigate, and then recover from these new attack vectors. This book gives you a deep understanding of new innovations to passive network mapping, while delivering open source Python-based tools that can be put into practice immediately.
Python Passive Network Mapping is for practitioners, forensic investigators, IT teams, and individuals who work together when performing incident response and investigating potential damage, or are examining the impacts of new malware threats. Those defending critical infrastructures will have a special interest in this book, as active or probing methods of network mapping are rarely used within these environments as any resulting impacts can be disastrous. Python Passive Network Mapping is ideally suited for use as a text in a variety of academic programs to expose and engage students in the art of passively mapping enterprise networks, with the added benefit of providing exposure to open source Python solutions.
- First book to show you how to use open source Python to conduct passive network mapping
- Provides a new method for conducting incident response and investigating the extent of potential damage to your systems
- Python code forensics toolkit for network mapping included on the companion website
Python Forensics provides many never-before-published proven forensic modules, libraries, and solutions that can be used right out of the box. In addition, detailed instruction and documentation provided with the code samples will allow even novice Python programmers to add their own unique twists or use the models presented to build new solutions.
Rapid development of new cybercrime investigation tools is an essential ingredient in virtually every case and environment. Whether you are performing post-mortem investigation, executing live triage, extracting evidence from mobile devices or cloud services, or you are collecting and processing evidence from a network, Python forensic implementations can fill in the gaps.
Drawing upon years of practical experience and using numerous examples and illustrative code samples, author Chet Hosmer discusses how to:
- Develop new forensic solutions independent of large vendor software release schedules
- Participate in an open-source workbench that facilitates direct involvement in the design and implementation of new methods that augment or replace existing tools
- Advance your career by creating new solutions along with the construction of cutting-edge automation solutions to solve old problems
- Provides hands-on tools, code samples, and detailed instruction and documentation that can be put to use immediately
- Discusses how to create a Python forensics workbench
- Covers effective forensic searching and indexing using Python
- Shows how to use Python to examine mobile device operating systems: iOS, Android, and Windows 8
- Presents complete coverage of how to use Python scripts for network investigation
As data hiding detection and forensic techniques have matured, people are creating more advanced stealth methods for spying, corporate espionage, terrorism, and cyber warfare all to avoid detection. Data Hiding provides an exploration into the present day and next generation of tools and techniques used in covert communications, advanced malware methods and data concealment tactics. The hiding techniques outlined include the latest technologies including mobile devices, multimedia, virtualization and others. These concepts provide corporate, goverment and military personnel with the knowledge to investigate and defend against insider threats, spy techniques, espionage, advanced malware and secret communications. By understanding the plethora of threats, you will gain an understanding of the methods to defend oneself from these threats through detection, investigation, mitigation and prevention.
- Provides many real-world examples of data concealment on the latest technologies including iOS, Android, VMware, MacOS X, Linux and Windows 7
- Dives deep into the less known approaches to data hiding, covert communications, and advanced malware
- Includes never before published information about next generation methods of data hiding
- Outlines a well-defined methodology for countering threats
- Looks ahead at future predictions for data hiding
Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field.
- In-depth surveys and tutorials on new computer technology
- Well-known authors and researchers in the field
- Extensive bibliographies with most chapters
- Many of the volumes are devoted to single themes or subfields of computer science