First response toolkit
As I mentioned before, tools are a vital part of first response procedures. Their proper use will help obtain the evidence required for the investigation without compromising information or systems' integrity.
It is essential to know the technical details of the tools you will use, how they work, and how they interact with the target systems; this will prevent contamination, leading to invalidating it in a legal case or making it unusable when analyzing it.
The goal of these tools is to obtain a forensic image of the device to be investigated. The first responder must integrate these tools into their toolkit to always be prepared.
Fortunately, there are not just commercial tools for first responders; there are also many free and open source reliable options. We will mention and use a few of them in the practical labs for this book's purposes.
There are two categories of tools that are used: those to obtain forensic images and then analyze...
