Difference between pages "Windows Shadow Volumes" and "Golden G. Richard III"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(External Links)
 
m
 
Line 1: Line 1:
==Volume Shadow Copy Service==
 
Windows has included the Volume Shadow Copy Service in it's releases since Windows XP.  The Shadow Copy Service creates differential backups periodically to create restore points for the user.  Windows 7 Professional and Ultimate editions include tools to work with and manage the Volume Shadow Copy Service, including the ability to [[mount shadow volumes on disk images]].
 
  
== Also see ==
+
Golden G. Richard III is Professor of Computer Science, University Research Professor, and Director of the Greater New Orleans Center for Information Assurance (GNOCIA) at the University of New Orleans, where he has taught and done research in cybersecurity, operating systems internals, reverse engineering, and malware analysis since 1994.  Golden earned a Ph.D. in Computer Science from The Ohio State University in 1995.  He is also the Founder and Owner of Arcane Alloy, LLC, a private digital forensics and cybersecurity firm, the original author of the [[Scalpel]] file [[Carving|carving]] tool, a pioneer in applying high performance computing principles to digital forensics, and a professional music photographer.
* [[Mount shadow volumes on disk images]]
+
 
 +
He maintains a [[Blogs|blog]] called "Outlook Purple" and can be found on Twitter at @nolaforensix.
 +
 
 +
== See Also ==
 +
 
 +
[[Forensics on GPUs]]
  
 
== External Links ==
 
== External Links ==
* [http://computer-forensics.sans.org/blog/2008/10/10/shadow-forensics/ VISTA and Windows 7 Shadow Volume Forensics], by [[Rob Lee]], October 2008
 
* [http://forensic4cast.com/2010/04/19/into-the-shadows/ Into The Shadows], by [[Lee Whitfield]], April 2010
 
* [http://windowsir.blogspot.ch/2011/01/accessing-volume-shadow-copies.html Accessing Volume Shadow Copies], by [[Harlan Carvey]], January 2010
 
* [http://code.google.com/p/libvshadow/downloads/detail?name=Volume%20Shadow%20Snapshot%20%28VSS%29%20format.pdf Volume Shadow Snapshot format], by [[Joachim Metz]], March 2011
 
* [http://toorcon.techpathways.com/uploads/VolumeShadowCopyWithProDiscover-0511.pdf Volume Shadow Copy with ProDiscover], May 2011
 
* [http://computer-forensics.sans.org/blog/2011/09/16/shadow-timelines-and-other-shadowvolumecopy-digital-forensics-techniques-with-the-sleuthkit-on-windows/ Shadow Timelines And Other VolumeShadowCopy Digital Forensics Techniques with the Sleuthkit on Windows], by [[Rob Lee]], September 2011
 
* [http://justaskweg.com/?p=351 Getting Ready for a Shadow Volume Exam], by [[Jimmy Weg]], June 2012
 
* [http://justaskweg.com/?p=466 Mounting Shadow Volumes], by [[Jimmy Weg]], July 2012
 
* [http://justaskweg.com/?p=518 Examining the Shadow Volumes with X-Ways Forensics], by [[Jimmy Weg]], July 2012
 
* [http://encase-forensic-blog.guidancesoftware.com/2012/06/examining-volume-shadow-copies-easy-way.html Examining Volume Shadow Copies – The Easy Way!], by [[Simon Key]], June 2012
 
  
== Tools ==
+
* [http://www.cs.uno.edu/~golden/ Official website]
* [[libvshadow]]
+
* [http://www.arcanealloy.com / Arcane Alloy, LLC]
 +
* [http://outlookpurple.blogspot.com / Outlook Purple]
 +
* [http://www.highisomusic.com / High ISO Music]
  
[[Category:Volume Systems]]
+
[[Category:People]]

Revision as of 15:32, 28 January 2014

Golden G. Richard III is Professor of Computer Science, University Research Professor, and Director of the Greater New Orleans Center for Information Assurance (GNOCIA) at the University of New Orleans, where he has taught and done research in cybersecurity, operating systems internals, reverse engineering, and malware analysis since 1994. Golden earned a Ph.D. in Computer Science from The Ohio State University in 1995. He is also the Founder and Owner of Arcane Alloy, LLC, a private digital forensics and cybersecurity firm, the original author of the Scalpel file carving tool, a pioneer in applying high performance computing principles to digital forensics, and a professional music photographer.

He maintains a blog called "Outlook Purple" and can be found on Twitter at @nolaforensix.

See Also

Forensics on GPUs

External Links