Last updated: 2021-08-20 10:17:57
coverpage
Title Page
Copyright and Credits
Learning Python for Forensics Second Edition
About Packt
Why subscribe?
Packt.com
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Now for Something Completely Different
When to use Python
Development life cycle
Getting started
The omnipresent print() function
Standard data types
Strings and Unicode
Integers and floats
Boolean and none
Structured data types
Lists
Dictionaries
Sets and tuples
Data type conversions
Files
Variables
Understanding scripting flow logic
Conditionals
Loops
The for loop
The while loop
Functions
Summary
Python Fundamentals
Advanced data types and functions
Iterators
datetime objects
Libraries
Installing third-party libraries
Libraries in this book
Python packages
Classes and object-oriented programming
Try and except
The raise function
Creating our first script – unix_converter.py
User input
Using the raw input method and the system module – user_input.py
Understanding Argparse – argument_parser.py
Forensic scripting best practices
Developing our first forensic script – usb_lookup.py
Understanding the main() function
Interpreting the search_key() function
Running our first forensic script
Troubleshooting
Challenge
Parsing Text Files
Setup API
Introducing our script
Overview
Our first iteration – setupapi_parser_v1.py
Designing the main() function
Crafting the parse_setupapi() function
Developing the print_output() function
Running the script
Our second iteration – setupapi_parser_v2.py
Improving the main() function
Tuning the parse_setupapi() function
Modifying the print_output() function
Our final iteration – setupapi_parser.py
Extending the main() function
Adding to the parse_setup_api() function
Creating the parse_device_info() function
Forming the prep_usb_lookup() function
Constructing the get_device_names() function
Enhancing the print_output() function
Working with Serialized Data Structures
Serialized data structures
A simple Bitcoin web API
Our first iteration – bitcoin_address_lookup.v1.py
Exploring the main() function
Understanding the get_address() function
Working with the print_transactions() function
The print_header() helper function
The get_inputs() helper function