Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Digital Forensics with Kali Linux
  • Table Of Contents Toc
  • Feedback & Rating feedback
Digital Forensics with Kali Linux

Digital Forensics with Kali Linux

By : Shiva V. N. Parasram
2 (1)
close
close
Digital Forensics with Kali Linux

Digital Forensics with Kali Linux

2 (1)
By: Shiva V. N. Parasram

Overview of this book

Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. It has a wide range of tools to help for digital forensics investigations and incident response mechanisms. This updated second edition of Digital Forensics with Kali Linux covers the latest version of Kali Linux and The Sleuth Kit. You'll get to grips with modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, hex editor, and Axiom. Updated to cover digital forensics basics and advancements in the world of modern forensics, this book will also delve into the domain of operating systems. Progressing through the chapters, you'll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. The book will also show you how to create forensic images of data and maintain integrity using hashing tools. Finally, you'll cover advanced topics such as autopsies and acquiring investigation data from networks, operating system memory, and quantum cryptography. By the end of this book, you'll have gained hands-on experience of implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation, all using Kali Linux tools.
Table of Contents (17 chapters)
close
close
1
Section 1: Kali Linux – Not Just for Penetration Testing
4
Section 2: Forensic Fundamentals and Best Practices
7
Section 3: Forensic Tools in Kali Linux
12
Section 4: Automated Digital Forensic Suites
16
Other Books You May Enjoy

Downloading test images for use with Volatility

For this chapter, we'll be using a Windows XP image named 0zapftis.vmem, which can be downloaded directly from https://github.com/volatilityfoundation/volatility/wiki/Memory-Samples.

The reason for using this specific Windows XP sample memory dump is that it is one of the very few dumps publicly available that contains isolated malware that will not affect the user's machines.

Select the link within the Description column, Malware – R2D2 (pw: infected), to download the 0zapftis.vmem image. When prompted to extract, the password is infected:

Figure 7.1 – Volatility sample file download list

It can also be downloaded directly from http://www.mediafire.com/file/yxqodp1p2aca91x/0zapftis.rar.

Important note

There are many other images on this page that are also publicly available for analysis. To practice working with the Volatility Framework and further enhance your analytical...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY