Digital Forensics with Kali Linux: Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x, 3/e (Paperback)

Parasram, Shiva V. N.

  • Publisher: Packt Publishing
  • Publication date: 2023-04-14
  • Price: $1,680
  • Member price: $1,596 (5% off)
  • Language: English
  • Pages: 414
  • Binding: Quality Paper (also called trade paper)
  • ISBN: 1837635153
  • ISBN-13: 9781837635153
  • Related categories: Information Security, Kali Linux, Linux


Product Description

Explore various digital forensics methodologies and frameworks and manage your cyber incidents effectively

Key Features

  • Gain red, blue, and purple team tool insights and understand their link with digital forensics
  • Perform DFIR investigation and get familiarized with Autopsy 4
  • Explore network discovery and forensics tools such as Nmap, Wireshark, Xplico, and Shodan

Book Description

Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. This third edition is updated with real-world examples and detailed labs to help you take your investigation skills to the next level using powerful tools.

This new edition will help you explore modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, Hex Editor, and Axiom. You'll cover both the basics and the advanced areas of modern digital forensics while delving into the domain of operating systems. As you advance through the chapters, you'll explore various file storage formats, including hidden locations unseen by the end user or even the operating system. You'll also discover how to install the Windows emulator Wine and Autopsy 4 in Kali, and how to use Nmap and NetDiscover to find device types and hosts on a network, along with creating forensic images of data and verifying their integrity using hashing tools. Finally, you'll cover advanced topics such as Autopsy analysis and acquiring investigation data from networks, memory, and operating systems.

By the end of this digital forensics book, you'll have gained hands-on experience in implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation – all using Kali Linux's cutting-edge tools.

What you will learn

  • Install Kali Linux on Raspberry Pi 4 and various other platforms
  • Run Windows applications in Kali Linux using the Windows emulator Wine
  • Recognize the importance of RAM, file systems, data, and cache in DFIR
  • Perform file recovery, data carving, and extraction using Magic Rescue
  • Get to grips with the latest Volatility 3 framework and analyze memory dumps
  • Explore the various ransomware types and discover artifacts for DFIR investigation
  • Perform full DFIR automated analysis with Autopsy 4
  • Become familiar with network forensic analysis tools (NFATs)

Who this book is for

This book is for students, forensic analysts, digital forensics investigators and incident responders, security analysts and administrators, penetration testers, or anyone interested in enhancing their forensics abilities using the latest version of Kali Linux along with powerful automated analysis tools. Basic knowledge of operating systems, computer components, and installation processes will help you gain a better understanding of the concepts covered.


Table of Contents

  1. Red, Blue, and Purple Teaming Fundamentals
  2. Introduction to Digital Forensics
  3. Installing Kali Linux
  4. Additional Kali Installations and Post-Installation Tasks
  5. Installing Wine in Kali Linux
  6. Understanding File Systems and Storage
  7. Incident Response, Data Acquisitions, and DFIR Frameworks
  8. Evidence Acquisition Tools
  9. File Recovery and Data Carving Tools
  10. Memory Forensics and Analysis with Volatility 3
  11. Artifact, Malware, and Ransomware Analysis
  12. Autopsy Forensic Browser
  13. Performing a Full DFIR Analysis with the Autopsy 4 GUI
  14. Network Discovery Tools
  15. Packet Capture Analysis with Xplico
  16. Network Forensic Analysis Tools
