Our first iteration – setupapi_parser.v1.py
The goal of our first iteration is to develop a functional prototype that we will improve upon in later iterations. We will continue to see the following code block in all our scripts, which provides basic documentation about the script:
__author__ = 'Preston Miller & Chapin Bryce'
__date__ = '20160401'
__version__ = 0.01
__description__ = 'This scripts reads a Windows 7 Setup API log and prints USB Devices to the user'
Our script involves three functions which are outlined below. The main() function kicks off the script by calling the parse_setupapi() function. This function reads the setupapi.dev.log file and extracts the USB device and first installation date information. After processing, ...
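The extraction described above (USB device plus first installation date from setupapi.dev.log), as an added example that is not the book's own code. The function name first_usb_installs, the regular expressions, the keep-the-earliest rule and the sample log lines are all assumptions of this example; the log lines are constructed.

```python
import re
from datetime import datetime

# Constructed sample in the Windows 7 setupapi.dev.log layout (not real evidence).
SAMPLE_LOG = r"""
>>>  [Device Install (Hardware initiated) - USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer&Rev_1.26\AAAA0000000000000001&0]
>>>  Section start 2016/04/01 10:15:32.123
     dvi: {Build Driver List} 10:15:32.130
<<<  Section end 2016/04/01 10:15:33.001
>>>  [Device Install (Hardware initiated) - PCI\VEN_8086&DEV_1E31&SUBSYS_00000000&REV_04\3&11583659&0&A0]
>>>  Section start 2016/04/02 08:00:00.000
>>>  [Device Install (Hardware initiated) - USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer&Rev_1.26\AAAA0000000000000001&0]
>>>  Section start 2016/05/09 17:40:11.456
>>>  [Device Install (Hardware initiated) - USB\VID_0781&PID_5567\BBBB0000000000000002]
"""

SECTION = re.compile(r"^>>>\s+\[(.*)\]\s*$")
USB_INSTALL = re.compile(r"^Device Install \(Hardware initiated\) - (USB.+)$")
START = re.compile(r"^>>>\s+Section start (\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+)")


def first_usb_installs(lines):
    """Map each USB device ID to its earliest 'Section start' timestamp.

    The log carries no timezone, so the values are naive datetimes.
    """
    devices = {}
    pending = None  # USB device ID still waiting for its Section start line
    for raw in lines:
        line = raw.rstrip("\r\n")
        section = SECTION.match(line)
        if section:
            # Any new section header replaces the pending device, so a
            # non-USB section cannot lend its timestamp to a USB entry.
            usb = USB_INSTALL.match(section.group(1))
            pending = usb.group(1) if usb else None
            continue
        start = START.match(line)
        if pending and start:
            stamp = datetime.strptime(start.group(1), "%Y/%m/%d %H:%M:%S.%f")
            # Re-installs appear as later sections; keep the first one seen in time.
            if pending not in devices or stamp < devices[pending]:
                devices[pending] = stamp
            pending = None
    return devices  # headers without a Section start (truncated log) are dropped


if __name__ == "__main__":
    for device, stamp in first_usb_installs(SAMPLE_LOG.splitlines()).items():
        print(stamp.isoformat(), device)
```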