Operating System Forensics

by Ric Messier
November 2015
Content level: Intermediate to advanced
386 pages
12h 50m
English
Syngress
Content preview from Operating System Forensics
Chapter 9

Executable Programs

Abstract

Investigating the structure of programs and executables in order to understand where information is in memory, how programs run and how malware can be created.

Keywords

operating systems
forensics
operating environments

INFORMATION INCLUDED IN THIS CHAPTER:

Windows Portable Executable
Linux Executable and Linkable Format
Mac OS X Application Bundles
.NET Common Language Runtime
Debugging/Disassembly
System Calls and Tracing

Introduction

At the core of any computer system are the programs that run on it. It might normally go without saying, but I am going to say it anyway. Those programs are what make computers useful but, more importantly, provide us with artifacts, which make sure that forensic ...

Publisher Resources

ISBN: 9780128019634