Kali Linux is the most comprehensive distribution for penetration
testing and ethical hacking. It ships with some of the most popular
forensics tools available, which can be used to conduct formal
investigations and professional-level forensics.
This video course teaches you all about the forensic analysis of
computers and mobile devices using the Kali Linux distribution.
You’ll get hands-on, seeing how to conduct each phase of the digital
forensics process: acquisition, extraction, analysis, and presentation,
using the rich set of open source tools that Kali Linux provides for
The majority of these tools are also installed on other forensic Linux
distributions, so the course is not limited to Kali Linux but is
equally suitable for any open-source forensic platform. We start
by showing you how to use the tools (dc3dd in particular) to acquire
images from the media to be analyzed, either hard drives, mobile
devices, thumb drives, or memory cards. The course presents the Autopsy
forensic suite and other specialized tools, such as the Sleuth Kit and
RegRipper, to extract and analyze various artifacts from a Windows
image. It also shows how to perform the analysis of an Android device
image using Autopsy. Next, we cover file carving and the recovery of
deleted data, and then the process of acquiring and analyzing RAM
(live analysis) using the Volatility framework.
The course also treats network forensics, covering how to use
Wireshark to capture and analyze network data packets.
Finally, we demonstrate how to report and present digital evidence
found during the analysis. By the end of the course, you will be able to
extract and recover data, analyze the acquired data, and report and
present digital evidence from a device.
About The Author
Marco Alamanni has professional experience working as a Linux system
administrator and Information Security analyst in banks and financial
He holds a BSc in Computer Science and an MSc in Information
Security. His interests in information technology include ethical
hacking, digital forensics, malware analysis, Linux, and programming,
among other things. He also collaborates with IT magazines to write
articles about Linux and IT security.
He has used Kali Linux on various occasions to conduct incident
response and forensics in his professional activity, besides using it
for penetration testing purposes. He is also the author of “Kali Linux
Wireless Penetration Testing Essentials” published by Packt Publishing.
I would like to thank Packt Publishing for having offered me this
exciting project and all the people I have worked with during its
realization for their guidance and support.
A big thank-you goes to my family, in general, and in particular to my
wife Candice and my sons, Niccolò and Fabio Antonio, for their love and
This course is dedicated to the memory of a dear and special person,
Maria Vitteri, who will always remain in our thoughts and in our