Digital Forensics with Kali Linux
Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux, 2nd Edition
Shiva V. N Parasram
- 334 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
Digital Forensics with Kali Linux
Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux, 2nd Edition
Shiva V. N Parasram
About This Book
Take your forensic abilities and investigation skills to the next level using powerful tools that cater to all aspects of digital forensic investigations, right from hashing to reporting
Key Features
- Perform evidence acquisition, preservation, and analysis using a variety of Kali Linux tools
- Use PcapXray to perform timeline analysis of malware and network activity
- Implement the concept of cryptographic hashing and imaging using Kali Linux
Book Description
Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. It has a wide range of tools to help for digital forensics investigations and incident response mechanisms.
This updated second edition of Digital Forensics with Kali Linux covers the latest version of Kali Linux and The Sleuth Kit. You'll get to grips with modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, hex editor, and Axiom. Updated to cover digital forensics basics and advancements in the world of modern forensics, this book will also delve into the domain of operating systems. Progressing through the chapters, you'll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. The book will also show you how to create forensic images of data and maintain integrity using hashing tools. Finally, you'll cover advanced topics such as autopsies and acquiring investigation data from networks, operating system memory, and quantum cryptography.
By the end of this book, you'll have gained hands-on experience of implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation, all using Kali Linux tools.
What you will learn
- Get up and running with powerful Kali Linux tools for digital investigation and analysis
- Perform internet and memory forensics with Volatility and Xplico
- Understand filesystems, storage, and data fundamentals
- Become well-versed with incident response procedures and best practices
- Perform ransomware analysis using labs involving actual ransomware
- Carry out network forensics and analysis using NetworkMiner and other tools
Who this book is for
This Kali Linux book is for forensics and digital investigators, security analysts, or anyone interested in learning digital forensics using Kali Linux. Basic knowledge of Kali Linux will be helpful to gain a better understanding of the concepts covered.
Frequently asked questions
Information
Section 1: Kali Linux â Not Just for Penetration Testing
- Chapter 1, Introduction to Digital Forensics
- Chapter 2, Installing Kali Linux
Chapter 1: Introduction to Digital Forensics
- What is digital forensics?
- Digital forensics methodology
- A brief history of digital forensics
- The need for digital forensics as technology advances
- Operating systems and open source tools for digital forensics
- The need for multiple forensics tools in digital investigations
- Commercial forensics tools
- Anti-forensics â threats to digital forensics
What is digital forensics?
- Data recovery: Investigating and recovering data that may have been deleted, changed to different file extensions, and even hidden.
- Identity theft: Many fraudulent activities, ranging from stolen credit card usage to fake social media profiles, usually involving some sort of identity theft.
- Malware and ransomware investigations: To date, ransomware spread by Trojans and worms across networks and the internet are some of the biggest threats to companies, military organizations, and individuals. Malware can also be spread to, and by, mobile devices and smart devices.
- Network and internet investigations: Investigating Denial-of-Service (DoS) and Distributed Denia...