Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Digital Forensics with Kali Linux

You're reading from   Digital Forensics with Kali Linux Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x

Arrow left icon
Product type Paperback
Published in Apr 2023
Publisher Packt
ISBN-13 9781837635153
Length 414 pages
Edition 3rd Edition
Arrow right icon
Author (1):
Arrow left icon
Shiva V. N. Parasram Shiva V. N. Parasram
Author Profile Icon Shiva V. N. Parasram
Shiva V. N. Parasram
Arrow right icon
View More author details
Toc

Table of Contents (24) Chapters Close

Preface 1. Part 1: Blue and Purple Teaming Fundamentals
2. Chapter 1: Red, Blue, and Purple Teaming Fundamentals FREE CHAPTER 3. Chapter 2: Introduction to Digital Forensics 4. Chapter 3: Installing Kali Linux 5. Chapter 4: Additional Kali Installations and Post-Installation Tasks 6. Chapter 5: Installing Wine in Kali Linux 7. Part 2: Digital Forensics and Incident Response Fundamentals and Best Practices
8. Chapter 6: Understanding File Systems and Storage 9. Chapter 7: Incident Response, Data Acquisitions, and DFIR Frameworks 10. Part 3: Kali Linux Digital Forensics and Incident Response Tools
11. Chapter 8: Evidence Acquisition Tools 12. Chapter 9: File Recovery and Data Carving Tools 13. Chapter 10: Memory Forensics and Analysis with Volatility 3 14. Chapter 11: Artifact, Malware, and Ransomware Analysis 15. Part 4: Automated Digital Forensics and Incident Response Suites
16. Chapter 12: Autopsy Forensic Browser 17. Chapter 13: Performing a Full DFIR Analysis with the Autopsy 4 GUI 18. Part 5: Network Forensic Analysis Tools
19. Chapter 14: Network Discovery Tools 20. Chapter 15: Packet Capture Analysis with Xplico 21. Chapter 16: Network Forensic Analysis Tools 22. Index 23. Other Books You May Enjoy

Using Hybrid Analysis for malicious file analysis

You can also use an online tool such as Hybrid Analysis (https://www.hybrid-analysis.com/) to analyze suspicious files of all types. If you suspect that a link or URL may be suspicious within an email, you can also paste the link into this site for analysis.

As an example, I’ll use the very same testpdf.pdf file that I analyzed using pdf-parse and PDFiD in the previous section. I’ll first visit the https://www.hybrid-analysis.com website and drag the suspect file into the upload area and click on Analyze, as seen in the following screenshot.

Figure 11.19 – hybrid-analysis.com website

Figure 11.19 – hybrid-analysis.com website

After submitting the PDF file, the results show the file to be possibly malicious, as seen in the following screenshot:

Figure 11.20 – hybrid-analysis.com file analysis and results

Figure 11.20 – hybrid-analysis.com file analysis and results

The details on the file’s unusual characteristics and suspicious indicators...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image