Python Forensics

This book was the required text for one of my graduate courses. It covers a lot of ground and has some very useful scripts that are very well explained. These explanations provided a deeper understanding of both the code and, more importantly, the thought behind the code, which helped immensely when developing my own scripts for the course. I've never been much of a programmer - and I've tried many times - but I found this to be an enjoyable course and the book helped in that by making it easy to understand what was going on.This book does not hand everything to you on a silver platter, though. A basic understanding of Python helps, because there are no pages given here to covering the absolute basics of the language. As should be expected from any computer book, some of the methods and additional modules used in this text have changed significantly since publication, so there are adjustments to be made. These are to be expected, and I didn't feel bothered at all by having to figure these adjustments out on my own.My only criticisms of the text would be minor concerns at best. There are a couple areas where code examples within a chapter differ from place to place, and a couple typos in some of the code sections, but these are not difficult to spot or correct. The one addition I think this book could have used is a line number bar for the longer code sections, though. Not necessarily for keeping track of what line number the printed code is at, but more for the purpose of keeping track of indentation. There are sections of the text where code takes up multiple pages at a time and without some sort of reference, it can be hard to keep track of indentation.

I'm using this book as the required textbook for a graduate digital forensics program. When I first saw this book, my initial thought was, "Oh, great, another 'cookbook' with specific code examples" that may or may not be helpful if you don't need the exact functionality being offered in the examples. After a few chapters of actually studying and applying the concepts covered, however, I realized the specific functionality used in each example Python application has much broader application to a variety of other problems. For example, the use of the argparse() module is heavily used for quick, robust command line parsing, providing help diaglog, etc. Several os module libraries are also shown that could be used in a variety of applications.Note the book does not cover general programming concepts, like conditional statements, loops, algorithms, etc.), and I don't believe it was ever intended to do so. I would recommend this book to anyone with some programming experience who wants a good introduction to using Python for digital forensics applications or and introduction to core Python standard library functionality.

I had planned on picking this book up before I had my Graduate course, but found out it was the required group for the actual course. I have enjoyed this book very much and as a resource for a class it was very helpful. This book assists with understanding a framework on certain tasks that a investigator may do every day and then challenges the reader to think about how they could improve it.For me it helped me to fully understand how to do functions as I was having some issues with them and after going through it I understood fully how to write and use a python function.

Chet does a great job of explaining not just the "how" but the "why" of the tools he walks the reader through. The code comments are very thorough, which is not something seen often but is very helpful for newer Python users. This book is already "dog-eared" heavily for my personal use and will be a great addition to my library. Many of the ideas presented will be applied to my current code repository.

As someone who doesn't "code", never has "coded" and is frightened by the word "code" I found this book and its progression to be a natural smooth transition. While I still wouldn't consider myself well versed in python, I now have a better understanding of python and can write some simple scripts. This book I found to be very useful and very easy to read. A+

This has always been my "go to" book on Python Forensics. The book is well written and gives you a nice base for conducting investigations and using Python. The examples are clear and concise.

Would have liked more examples in the book and a sample DVD. The book is well written.

This is an excellent book which deserves more time than I have given it so far.

A well thought out book with some useful and interesting topics presented in a way that makes them easy to learn, or would be but for a few fundamental problems. The first being that python uses white space to mark blocks of code, when a code listing spans one or more pages it is impossible to follow the indentation depth unless you rip out a page and place it below the preceding page. (Not an option for Kindle users). This would not be such an issue if the source code were available to download. The book says it is available at python-forensics.org, but sadly it is not. Neither is a list of errata available anywhere. Going Syngress (now owned by Elsevier extending their monopoly over academic text) is just as useless with zero support for their publications. Neither Author nor publisher seen to want people to contact them with no support options or email addresses to contact. So what could have been a really excellent book is reduced to being an expensive doorstop by lack of any support. I've been a big purchaser of Syngress books for many years, but sadly now it seems that Elsevier (like with academic publishing) are just interested in exploiting the market for as much money as can be extracted. *** Update. The Author was very fast in emailing me the source code for the books examples. So bonus marks for his support.