Digital forensics with Kali Linux : perform data acquisition, digital investigation, and threat analysis using Kali Linux tools /
Shiva V.N. Parasram.
- Birmingham, UK : Packt Publishing, Limited, c2017
- v, 256 pages : illustrations ; 24 cm.
Includes index.
Introduction to Digital Forensics -- Installing Kali Linux -- Understanding File Systems and Storage Media -- Incident Response and Data Acquisition -- Evidence Acquisition and Preservation with DC3DD and Guymager -- File Recovery and Data Carving with Foremost and Scalpel -- Live and Memory Forensics with Volatility -- Autopsy - The Sleuth Kit -- Network and Internet Capture Analysis with Xplico -- Collecting, Preserving and Revealing Evidence using DFF
Kali Linux is a Linux-based distribution used mainly for penetration testing and digital forensics. It has a wide range of tools for forensics investigations and incident response mechanisms, and this book will guide you through effectively using this system. You will start by understanding the fundamentals of digital forensics and setting up your Kali Linux environment to perform different investigation practices. This Kali Linux book will then delve into operating systems and help you explore different formats for file storage, including secret hiding places unseen by the end user or even the operating system. Later, you'll understand how to create forensic images of data and maintain integrity using hashing tools. Next, you'll discover topics such as autopsies, acquiring investigation data from the network, and file recovery and data carving. The book will also assist you with powerful tools that will help you build on your forensic abilities and investigatory skills. By the end of this book, you will be equipped with the skills you need to perform different digital forensics tasks such as acquisition, extraction, analysis, and presentation using Kali Linux tools.