| 1 | Windows Memory Analysis, "http://www.forensicswiki.org/wiki/Windows_Memory_Analysis" |
| 2 | Wikipedia, "COFFE(Computer Online Forensic Evidence Extractor)", http://en.wikipedia.org/wiki/Computer_Online_Forensic_Evidence_Extractor |
| 3 | PassMark Software, "OSF(OSForen- sics)", http://www.osforensics.com/do wnload.html |
| 4 | ArxSys, "DFF", http://www.digital-for-ensic.org/en/ |
| 5 | DeftLinux, "DART2", http://www.deft-linux.net/ |
| 6 | Wikipedia, "File System", https://en.wikipedia.org/wiki/File_system |
| 7 | M Kohn, MS Olivier, JHP Eloff, "Fram ework for a Digital Forensic Investigat ion", JHP Eloff - ISSA, 2006 |
| 8 | M Reith, C Carr, G Gunsch, "An exam ination of digital forensic models", Inte rnational Journal of Digital Evid ence, 2002 |
| 9 | SANS, "Windows Artifact Analysis: Evidence of...", https://uk.sans.org/posters/windows_artifact_analysis.pdf010 Editor, Binary Template, http://www.sweetscape.com/010editor/templates.html |
| 10 | wikipedia, List of file formats, https://en.wikipedia.org/wiki/List_of_file_formats |
| 11 | Log2Timeline, Log2Timeline, https://github.com/log2timeline/plaso |
| 12 | Data Structure, https://en.wikipedia.org/wiki/Data_structure |
| 13 | Willi Ballenthin , python-evtx module, http://www.williballenthin.com/evtx/index.html |
| 14 | Willi Ballenthin, python-registry mod ule,http://www.williballenthin.com /registry/index.html |
| 15 | SQLite, The SQLite Database File For mat, https://www.sqlite.org/fileformat2.html |
| 16 | Portable Python, "Portable Python", http://portablepython.com/ |
| 17 | SangJun Jeon, "Portable Forensic Platf orm", https://thesoft.org |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
