EnCase EnScript Resources for Learning

Posted on by Barry Keegan

Caveat: A lot of the resources mentioned below are quite old, as a result, Your Mileage May Vary.

I’m starting to take a deep dive into EnScript in EnCase, and I was lamenting the lack of freely available resources, but lo and behold Today I struck gold and found a few resources that had escaped my attention before now, so I thought I’d do a quick post collating what I found.

First and foremost is an EnScript research paper-turned tutorial that I was surprised to see was freely available. If it goes away at any stage you should be able to get a copy on the Way Back Machine. (Just found this copy by chance too, from a site that seems to have some permanence: https://problemykryminalistyki.pl/pliki/dokumenty//olberuseofencase.pdf.)

The paper had a number of references to other resources which I’ll list below:

Outside of that I found a few other resources, here are two tutorial documents:

Then of course you have Simon Key’s Github page which hosts a few EnScript samples. Simon Key is a “Sr. Principal Courseware Developer at OpenText” according to his LinkedIn page, so you should be able to learn from his samples how an EnScript should be.

Just as an example of a discussion thread here is one that can be found over on the Forensic Focus forums, so if you run into difficulties you may even be able to get some help.

There’s a YouTube video from Guidance Software discussing the utility of EnScript plug-ins during an investigation.

Finally, I’ll also be leaning on the EnScript chapter from this O’Reilly book https://www.oreilly.com/library/view/computer-forensics-and/9780071807913/.

That should be enough to get me off the ground, if I find any more I’ll add them here. If you have any suggestions for resources, feel free to let me know.

Leave a Reply

Your email address will not be published. Required fields are marked *