You're reading from Digital Forensics with Kali Linux Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x

Product type Paperback

Published in Apr 2023

Publisher Packt

ISBN-13 9781837635153

Length 414 pages

Edition 3rd Edition

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Shiva V. N. Parasram

View More author details

Table of Contents (24) Chapters

Preface

1. Part 1: Blue and Purple Teaming Fundamentals

2. Chapter 1: Red, Blue, and Purple Teaming Fundamentals FREE CHAPTER

3. Chapter 2: Introduction to Digital Forensics

4. Chapter 3: Installing Kali Linux

5. Chapter 4: Additional Kali Installations and Post-Installation Tasks

6. Chapter 5: Installing Wine in Kali Linux

7. Part 2: Digital Forensics and Incident Response Fundamentals and Best Practices

8. Chapter 6: Understanding File Systems and Storage

9. Chapter 7: Incident Response, Data Acquisitions, and DFIR Frameworks

10. Part 3: Kali Linux Digital Forensics and Incident Response Tools

11. Chapter 8: Evidence Acquisition Tools

12. Chapter 9: File Recovery and Data Carving Tools

13. Chapter 10: Memory Forensics and Analysis with Volatility 3

14. Chapter 11: Artifact, Malware, and Ransomware Analysis

15. Part 4: Automated Digital Forensics and Incident Response Suites

16. Chapter 12: Autopsy Forensic Browser

17. Chapter 13: Performing a Full DFIR Analysis with the Autopsy 4 GUI

18. Part 5: Network Forensic Analysis Tools

19. Chapter 14: Network Discovery Tools

20. Chapter 15: Packet Capture Analysis with Xplico

21. Chapter 16: Network Forensic Analysis Tools

22. Index

Why subscribe?

23. Other Books You May Enjoy

Online PCAP analysis using apackets.com

For our final exercise, let’s look at another online packet analysis tool, available at https://apackets.com/. So, let’s get started with the exercise:

Let’s download a sample file from https://www.malware-traffic-analysis.net/2022/06/07/index.html. The name of this file is Emotet-epoch5-infection-with-Cobalt-Strike-.pcap.

Figure 16.36 – A-Packets file upload interface

Click on the From Device button and browse to the downloaded sample file to be uploaded for analysis.

Figure 16.37 – A-Packets file upload status

Once A-Packets has automatically processed and analyzed our .pcap file, a very detailed and categorized breakdown of the findings will be presented, as seen in the following screenshot: