Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Digital Forensics with Kali Linux

You're reading from   Digital Forensics with Kali Linux Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux 2019.x

Arrow left icon
Product type Paperback
Published in Apr 2020
Publisher Packt
ISBN-13 9781838640804
Length 334 pages
Edition 2nd Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Shiva V. N. Parasram Shiva V. N. Parasram
Author Profile Icon Shiva V. N. Parasram
Shiva V. N. Parasram
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Kali Linux – Not Just for Penetration Testing
2. Chapter 1: Introduction to Digital Forensics FREE CHAPTER 3. Chapter 2: Installing Kali Linux 4. Section 2: Forensic Fundamentals and Best Practices
5. Chapter 3: Understanding Filesystems and Storage Media 6. Chapter 4: Incident Response and Data Acquisition 7. Section 3: Forensic Tools in Kali Linux
8. Chapter 5: Evidence Acquisition and Preservation with dc3dd and Guymager 9. Chapter 6: File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor 10. Chapter 7: Memory Forensics with Volatility 11. Chapter 8: Artifact Analysis 12. Section 4: Automated Digital Forensic Suites
13. Chapter 9: Autopsy 14. Chapter 10: Analysis with Xplico 15. Chapter 11: Network Analysis 16. Other Books You May Enjoy

Packet capture analysis using Xplico

The protocols that we can investigate using Xplico include, but are not limited to, the following:

  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP)
  • Hypertext Transfer Protocol (HTTP)
  • File Transfer Protocol (FTP)
  • Trivial FTP (TFTP)
  • Session Initiation Protocol (SIP)
  • Post Office Protocol (POP)
  • Internet Map Access Protocol (IMAP)
  • Simple Mail Transfer Protocol (SMTP)

Data contained in network and internet packet captures, and even live acquisition, can contain artifacts such as the following:

  • HTTP traffic, such as websites browsed
  • Email
  • Facebook chats
  • Real-time transport protocol (RTP) and Voice over Internet Protocol (VoIP)
  • Printed files

    Important note:

    Traffic encrypted using Secure Sockets Layer (SSL) cannot currently be viewed with Xplico.

Specialized commercial tools, such as FTK, EnCase, and Belkasoft, may have to be purchased to view encrypted traffic...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime