You're reading from Digital Forensics with Kali Linux Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux 2019.x

Product type Paperback

Published in Apr 2020

Publisher Packt

ISBN-13 9781838640804

Length 334 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Forensics

Author (1):

Shiva V. N. Parasram

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Kali Linux – Not Just for Penetration Testing

2. Chapter 1: Introduction to Digital Forensics FREE CHAPTER

3. Chapter 2: Installing Kali Linux

4. Section 2: Forensic Fundamentals and Best Practices

5. Chapter 3: Understanding Filesystems and Storage Media

6. Chapter 4: Incident Response and Data Acquisition

7. Section 3: Forensic Tools in Kali Linux

8. Chapter 5: Evidence Acquisition and Preservation with dc3dd and Guymager

9. Chapter 6: File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor

10. Chapter 7: Memory Forensics with Volatility

11. Chapter 8: Artifact Analysis

12. Section 4: Automated Digital Forensic Suites

13. Chapter 9: Autopsy

14. Chapter 10: Analysis with Xplico

15. Chapter 11: Network Analysis

16. Other Books You May Enjoy

Chapter 11: Network Analysis

We're at the last chapter now but, instead of slowing things down, I believe in finishing strong. Let's have a go at some network forensics.

We've done quite a bit of acquisition and analysis thus far, including hard drive, storage, RAM, and swap file analysis to acquire, document, and analyze evidence in the hopes of finding or recovering artifacts. Let's go a step further by analyzing protocols and network communication as they may also be useful artifacts that can aid us in our investigations.

Seeing that some incidents and crimes occur over the internet, or even a Local Area Network (LAN), capturing and analyzing network traffic should be an essential part of our investigative process. Packet captures can be used to reveal artifacts that may help us to better understand an incident, point to its origin, and even, in some cases, assist in extending the scope of the investigation if it is suspected that the incident may not be...