Digital Forensics with Kali Linux
Shiva V.N. Parasram
- Publisher: Packt Publishing
- Publication date: 2017-12-19
- List price: $1,830
- VIP price: 5% off, $1,739
- Language: English
- Pages: 274
- Binding: Paperback
- ISBN: 1788625005
- ISBN-13: 9781788625005
- Related categories: Information Security, kali-linux, Linux
- Other editions: Digital Forensics with Kali Linux - Second Edition
Product Description
Learn the skills you need to take advantage of Kali Linux for digital forensics investigations using this comprehensive guide
Key Features
- Master powerful Kali Linux tools for digital investigation and analysis
- Perform evidence acquisition, preservation, and analysis using various tools within Kali Linux
- Implement the concept of cryptographic hashing and imaging using Kali Linux
- Perform memory forensics with Volatility and internet forensics with Xplico
- Discover the capabilities of professional forensic tools such as Autopsy and DFF (Digital Forensic Framework) used by law enforcement and military personnel alike
Book Description
Kali Linux is a Linux-based distribution used mainly for penetration testing and digital forensics. It has a wide range of tools to help in forensics investigations and incident response mechanisms.
You will start by understanding the fundamentals of digital forensics and setting up your Kali Linux environment to perform different investigation practices. The book will delve into the realm of operating systems and the various formats for file storage, including secret hiding places unseen by the end user or even the operating system. The book will also teach you to create forensic images of data and maintain integrity using hashing tools. Next, you will also master some advanced topics such as autopsies and acquiring investigation data from the network, operating system memory, and so on. The book introduces you to powerful tools that will take your forensic abilities and investigations to a professional level, catering for all aspects of full digital forensic investigations from hashing to reporting.
By the end of this book, you will have had hands-on experience in implementing all the pillars of digital forensics—acquisition, extraction, analysis, and presentation using Kali Linux tools.
What you will learn
- Get to grips with the fundamentals of digital forensics and explore best practices
- Understand the workings of file systems, storage, and data fundamentals
- Discover incident response procedures and best practices
- Use DC3DD and Guymager for acquisition and preservation techniques
- Recover deleted data with Foremost and Scalpel
- Find evidence of accessed programs and malicious programs using Volatility
- Perform network and internet capture analysis with Xplico
- Carry out professional digital forensics investigations using the DFF and Autopsy automated forensic suites
Who This Book Is For
This book is targeted at forensics and digital investigators, security analysts, or any stakeholder interested in learning digital forensics using Kali Linux. Basic knowledge of Kali Linux will be an advantage.
Table of Contents
- Introduction to Digital Forensics
- Installing Kali Linux
- Understanding File Systems and Storage Media
- Incident Response and Data Acquisition
- Evidence Acquisition and Preservation with DC3DD and Guymager
- File Recovery and Data Carving with Foremost and Scalpel
- Live and Memory Forensics with Volatility
- Autopsy – The Sleuth Kit
- Network and Internet Capture Analysis with Xplico
- Collecting, Preserving and Revealing Evidence using DFF