Digital Forensics with Kali Linux
Simplify the art of digital forensics and analysis with Kali Linux
Kali Linux is the most comprehensive distributions for penetration testing and ethical hacking. It has some of the most popular forensics tools available to conduct formal forensics and investigations and perform professional-level forensics.
This video course teaches you all about the forensic analysis of computers and mobile devices that leverage the Kali Linux distribution. You’ll get hands-on, seeing how to conduct each phase of the digital forensics process: acquisition, extraction, analysis, and presentation, using the rich set of open source tools that Kali Linux provides for each activity.
The majority of this tools are also installed on other forensic Linux distributions, so the course is not only limited to Kali Linux but is suitable for any open-source forensic platform in the same way. We start by showing you how to use the tools (dc3dd in particular) to acquire images from the media to be analyzed, either hard drives, mobile devices, thumb drives, or memory cards. The course presents the Autopsy forensic suite and other specialized tools, such as the Sleuth Kit and RegRipper, to extract and analyze various artifacts from a Windows image. It also shows how to perform the analysis of an Android device image using Autopsy. Next, we cover file carving and the recovery of deleted data, and then the process of acquiring and analyzing RAM memory (live analysis) using the Volatility framework.
Another topic is treated in the course, that is network forensics; indeed, the course covers how to use Wireshark to capture and analyze network data packets.
Finally, we demonstrate how to report and present digital evidence found during the analysis. By the end of the course, you will be able to extract and recover data, analyze the acquired data, and report and present digital evidence from a device.
About The Author
Marco Alamanni has professional experience working as a Linux system administrator and Information Security analyst in banks and financial institutions.
He holds a BSc in Computer Science and an MSc in Information Security. His interests in information technology include ethical hacking, digital forensics, malware analysis, Linux, and programming, among other things. He also collaborates with IT magazines to write articles about Linux and IT security.
He has used Kali Linux on various occasions to conduct incident response and forensics in his professional activity, besides using it for penetration testing purposes. He is also the author of “Kali Linux Wireless Penetration Testing Essentials” published by Packt Publishing.
I would like to thank Packt Publishing for having offered me this exciting project and all the people I have worked with during its realization for their guide and support.
A big thank goes to my family, in general, and in particular to my wife Candice and my sons, Niccolò and Fabio Antonio, for their love and encouragement.
This course is dedicated to the memory of a dear and special person, Maria Vitteri, that will always remain in our thoughts and in our hearts.