Digital Forensics with Kali Linux
Shiva V.N. Parasram
Learn the skills you need to take advantage of Kali Linux for digital forensics investigations using this comprehensive guide
- Master powerful Kali Linux tools for digital investigation and analysis
- Perform evidence acquisition, preservation, and analysis using various tools within Kali Linux
- Implement the concept of cryptographic hashing and imaging using Kali Linux
- Perform memory forensics with Volatility and internet forensics with Xplico.
- Discover the capabilities of professional forensic tools such as Autopsy and DFF (Digital Forensic Framework) used by law enforcement and military personnel alike
Kali Linux is a Linux-based distribution used mainly for penetration testing and digital forensics. It has a wide range of tools to help in forensics investigations and incident response mechanisms.
You will start by understanding the fundamentals of digital forensics and setting up your Kali Linux environment to perform different investigation practices. The book will delve into the realm of operating systems and the various formats for file storage, including secret hiding places unseen by the end user or even the operating system. The book will also teach you to create forensic images of data and maintain integrity using hashing tools. Next, you will also master some advanced topics such as autopsies and acquiring investigation data from the network, operating system memory, and so on. The book introduces you to powerful tools that will take your forensic abilities and investigations to a professional level, catering for all aspects of full digital forensic investigations from hashing to reporting.
By the end of this book, you will have had hands-on experience in implementing all the pillars of digital forensics—acquisition, extraction, analysis, and presentation using Kali Linux tools.
What you will learn
- Get to grips with the fundamentals of digital forensics and explore best practices
- Understand the workings of file systems, storage, and data fundamentals
- Discover incident response procedures and best practices
- Use DC3DD and Guymager for acquisition and preservation techniques
- Recover deleted data with Foremost and Scalpel
- Find evidence of accessed programs and malicious programs using Volatility.
- Perform network and internet capture analysis with Xplico
- Carry out professional digital forensics investigations using the DFF and Autopsy automated forensic suites
Who This Book Is For
This book is targeted at forensics and digital investigators, security analysts, or any stakeholder interested in learning digital forensics using Kali Linux. Basic knowledge of Kali Linux will be an advantage.
Table of Contents
- Introduction to Digital Forensics
- Installing Kali Linux
- Understanding File Systems and Storage Media
- Incident Response and Data Acquisition
- Evidence Acquisition and Preservation with DC3DD and Guymager
- File Recovery and Data Carving with Foremost and Scalpel
- Live and Memory Forensics with Volatility
- Autopsy – The Sleuth Kit
- Network and Internet Capture Analysis with Xplico
- Collecting, Preserving and Revealing Evidence using DFF