//Topic
Best Forensics books
3 books in our catalog cover Forensics, ranked by rating. Each entry is an opinionated review with who the book is for and who should skip it.
01 · 2014
The Art of Memory Forensics
Detecting Malware and Threats in Windows, Linux, and Mac Memory
Ligh, Case, Levy, and Walters' canonical reference on memory analysis with Volatility — the technique, the tooling, and the operating-system internals it depends on, across Windows, Linux, and macOS.
Advanced5/5Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters02 · 2021
Practical Linux Forensics
A Guide for Digital Investigators
Bruce Nikkel's reference for forensic analysts working post-mortem on Linux images: filesystems, journaling, logs, persistence locations, and the chain of custody discipline around them.
Intermediate4/5Bruce Nikkel03 · 2014
Incident Response and Computer Forensics
Luttgens, Pepe, and Mandia's working playbook for running an enterprise IR engagement: pre-engagement readiness, evidence acquisition, network and host forensics, and the project-management discipline that separates a controlled response from a panic.
Intermediate4/5Jason T. Luttgens, Matthew Pepe, Kevin Mandia