Register TODAY to Save $350 on Security West, Jan 24 - Feb 1 >> More Info
the most trusted source for computer security training, certification and research

SANS InfoSec Reading Room - Forensics

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Core_1

Featuring 9 papers as of Dec 2, 2008
Data Carving Concepts
Antonio Merola
November 19, 2008
- download paper PDF
Mobile Device Forensics
Andrew Martin
September 5, 2008
- download paper PDF
A Forensic Primer for Usenet Evidence
Mark Lachniet
June 25, 2008
- download paper PDF
Ex-Tip: An Extensible Timeline Analysis Framework in Perl
Michael Cloppert
May 21, 2008
- download paper PDF
Taking advantage of Ext3 journaling file system in a forensic investigation
Gregorio Narvaez
December 11, 2007
- download paper PDF
Forensic Analysis of a SQL Server 2005 Database Server
Kevvie Fowler
September 28, 2007
- download paper PDF
Becoming a Forensic Investigator
Mark Maher
August 15, 2004
- download paper PDF
A Case for Forensics Tools in Cross-Domain Data Transfers
Dwane Knott
October 31, 2003
- download paper PDF
Forensic Analysis of a Compromised Intranet Server
Roberto Obialero
- download paper PDF
SANS Reading Room
Fight Crime.
Unravel Incidents.... One Byte at a Time.

Visit the NEW Forensics & E-Discovery Site >>

This is hands-down, the premiere training opportunity.
- Dan Mather, JICPAC

SEcurity West 09 -Skyscraper new

Contact us: (301) 654-SANS(7267)
Monday - Friday 9am-8pm EST/EDT