Develop the skills you need to use Kali Linux for digital forensics investigations
- Learn to use powerful Kali Linux tools for digital investigation and evidence acquisition, preservation, and analysis
- Implement cryptographic hashing and imaging using Kali Linux
- Perform memory forensics with Volatility and internet forensics with Xplico
Kali Linux is a Linux-based distribution used mainly for penetration testing and digital forensics. It has a wide range of tools for forensics investigations and incident response mechanisms, and this book will guide you through effectively using this system.
You will start by understanding the fundamentals of digital forensics and setting up your Kali Linux environment to perform different investigation practices. This Kali Linux book will then delve into operating systems and help you explore different formats for file storage, including secret hiding places unseen by the end user or even the operating system. Later, you'll understand how to create forensic images of data and maintain integrity using hashing tools. Next, you'll discover topics such as Autopsy, acquiring investigation data from the network, and file recovery and data carving. The book will also assist you with powerful tools that will help you build on your forensic abilities and investigatory skills.
By the end of this book, you will be equipped with the skills you need to perform different digital forensics tasks such as acquisition, extraction, analysis, and presentation using Kali Linux tools.
What you will learn
- Get to grips with the fundamentals of digital forensics and explore best practices
- Understand file systems, storage, and data fundamentals
- Discover incident response procedures and best practices
- Use DC3DD and Guymager for acquisition and preservation techniques
- Recover deleted data with Foremost and Scalpel
- Find evidence of accessed programs and malicious programs using Volatility
- Perform network and internet capture analysis with Xplico
- Carry out professional digital forensics investigations using the DFF and Autopsy automated forensic suites
Who This Book Is For
This book is for forensics and digital investigators, security analysts, or anyone who wants to learn digital forensics using Kali Linux. Basic knowledge of Kali Linux will be useful.
Table of Contents
- Introduction to Digital Forensics
- Installing Kali Linux
- Understanding File Systems and Storage Media
- Incident Response and Data Acquisition
- Evidence Acquisition and Preservation with DC3DD and Guymager
- File Recovery and Data Carving with Foremost and Scalpel
- Live and Memory Forensics with Volatility
- Autopsy – The Sleuth Kit
- Network and Internet Capture Analysis with Xplico
- Collecting, Preserving and Revealing Evidence using DFF