Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Digital Forensics with Kali Linux

You're reading from   Digital Forensics with Kali Linux Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux 2019.x

Arrow left icon
Product type Paperback
Published in Apr 2020
Publisher Packt
ISBN-13 9781838640804
Length 334 pages
Edition 2nd Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Shiva V. N. Parasram Shiva V. N. Parasram
Author Profile Icon Shiva V. N. Parasram
Shiva V. N. Parasram
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Kali Linux – Not Just for Penetration Testing
2. Chapter 1: Introduction to Digital Forensics FREE CHAPTER 3. Chapter 2: Installing Kali Linux 4. Section 2: Forensic Fundamentals and Best Practices
5. Chapter 3: Understanding Filesystems and Storage Media 6. Chapter 4: Incident Response and Data Acquisition 7. Section 3: Forensic Tools in Kali Linux
8. Chapter 5: Evidence Acquisition and Preservation with dc3dd and Guymager 9. Chapter 6: File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor 10. Chapter 7: Memory Forensics with Volatility 11. Chapter 8: Artifact Analysis 12. Section 4: Automated Digital Forensic Suites
13. Chapter 9: Autopsy 14. Chapter 10: Analysis with Xplico 15. Chapter 11: Network Analysis 16. Other Books You May Enjoy

Identifying devices and operating systems with p0f

If you're using the VirtualBox version of Kali 2019.3 (kali-linux-2019.3a-vbox-amd64.ova), you may have to install p0f by typing in apt-install get p0f. If you're using the Kali 2019.3 Large.iso image, it should come preinstalled.

You may also use the help option within p0f to verify that it is installed on your system by typing p0f –h. This displays the network interface options, operating mode, output settings, and performance-related options:

Figure 8.1 – p0f help options

Once verified, we can run the p0f command without additional switches or options by typing in p0f, which runs the tool against our machine. In this scenario, my IP address is 172.16.77.159:

  1. Typing in the p0f command starts the fingerprint process. It may look like the tool has stopped but give it a couple of minutes to perform the scan and display the output:

    Figure 8.2 – Starting p0f in Kali

  2. ...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at AU $24.99/month. Cancel anytime