Digital Forensics with Kali Linux, 2nd Edition

Book Description

Take your forensic abilities and investigation skills to the next level using powerful tools that cater to all aspects of digital forensic investigations right from hashing to reporting

Key Features

• Perform evidence acquisition, preservation, and analysis using a variety of Kali Linux tools
• Explore the Digital Forensics Framework (DFF) and Autopsy automated forensic suites for digital forensics investigation
• Implement the concept of cryptographic hashing and imaging using Kali Linux

Book Description

Kali Linux is a Linux-based distribution widely used for penetration testing and digital forensics. It has a wide range of tools to help in forensic investigations and incident response mechanisms.

This updated edition of Digital Forensics with Kali Linux covers the latest version of Kali Linux and The Sleuth Kit. You’ll learn modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, hex editor, and Axiom. Updated to cover the fundamentals of digital forensics and advances in the world of modern forensics, this Kali Linux book will delve into the realm of operating systems. You’ll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. You’ll also learn how to create forensic images of data and maintain integrity using hashing tools. Finally, you’ll get to grips with advanced topics such as autopsies and acquiring investigation data from networks, operating system memory, and quantum cryptography.

By the end of this book, you’ll have gained hands-on experience in implementing all the pillars of digital forensics acquisition, extraction, analysis, and presentation using Kali Linux tools.

What you will learn

• Master powerful Kali Linux tools for digital investigation and analysis
• Understand filesystems, storage, and data fundamentals
• Discover incident response procedures and best practices
• Perform memory and internet forensics with Volatility and Xplico
• Carry out ransomware analysis using labs involving actual ransomware
• Perform network forensics and analysis using Network Miner and other tools

Who This Book Is For

This book is for forensics and digital investigators, security analysts, and anyone interested in learning digital forensics using Kali Linux. Basic knowledge of Kali Linux will be helpful.

中文：

书名：使用Kali Linux的数字取证，第2版

使用强大的工具将您的取证能力和调查技能提升到一个新的水平，这些工具可满足数字取证调查从散列到报告的方方面面

主要特点

• 使用各种Kali Linux工具执行证据获取、保存和分析
• 探索用于数字取证调查的数字取证框架(DFF)和尸检自动取证套件
• 使用Kali Linux实现加密散列和映像的概念

图书描述

Kali Linux是一个基于Linux的发行版，广泛用于渗透测试和数字取证。它拥有广泛的工具来帮助进行法医调查和建立事件应对机制。

使用Kali Linux的数字取证的这一更新版本涵盖了最新版本的Kali Linux和Sleuth Kit。您将学习使用高级工具(如FTK Imager、十六进制编辑器和Axiom)进行分析、提取和报告的现代技术。更新以涵盖数字取证的基础知识和现代取证世界的进步，这本Kali Linux书将深入操作系统领域。您将探索各种文件存储格式，包括终端用户甚至操作系统看不到的秘密隐藏位置。您还将学习如何创建数据的取证映像并使用散列工具维护完整性。最后，您将掌握高级主题，如尸检和从网络获取调查数据、操作系统内存和量子密码学。

到本书结束时，您将在使用Kali Linux工具实现数字取证采集、提取、分析和演示的所有支柱方面获得实践经验。

What you will learn

• Master powerful Kali Linux tools for digital investigation and analysis
• 了解文件系统、存储和数据基础知识
• 了解事件响应程序和最佳实践
• 使用易失性和Xplico执行内存和互联网取证
• 使用实验室执行涉及实际勒索软件的勒索软件分析
• 使用Network Miner和其他工具执行网络取证和分析

这本书是为谁写的

本书面向取证和数字调查人员、安全分析师以及任何对使用Kali Linux学习数字取证感兴趣的人。了解Kali Linux的基本知识将有所帮助。