Digital Forensics with Kali Linux Second Edition
Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux 2019.x
Packt(GCO Science)
2020년 04월 17일 출간
(개의 리뷰)
(
0%
의 구매자)
- eBook 상품 정보
- 파일 정보 PDF (22.91MB)
- ISBN 9781838644109
- 지원기기 교보eBook App, PC e서재, 리더기, 웹뷰어
-
교보eBook App
듣기(TTS) 가능
TTS 란?텍스트를 음성으로 읽어주는 기술입니다.
- 전자책의 편집 상태에 따라 본문의 흐름과 다르게 텍스트를 읽을 수 있습니다.
- 이미지 형태로 제작된 전자책 (예 : ZIP 파일)은 TTS 기능을 지원하지 않습니다.
PDF 필기가능 (Android, iOS)
소득공제
소장
정가 : 21,000원
쿠폰적용가 18,900원
10% 할인 | 5%P 적립이 상품은 배송되지 않는 디지털 상품이며,
교보eBook앱이나 웹뷰어에서 바로 이용가능합니다.
카드&결제 혜택
- 5만원 이상 구매 시 추가 2,000P
- 3만원 이상 구매 시, 등급별 2~4% 추가 최대 416P
- 리뷰 작성 시, e교환권 추가 최대 200원
작품소개
이 상품이 속한 분야
▶Book Description
Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. It has a wide range of tools to help for digital forensics investigations and incident response mechanisms.
This updated second edition of Digital Forensics with Kali Linux covers the latest version of Kali Linux and The Sleuth Kit. You'll get to grips with modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, hex editor, and Axiom. Updated to cover digital forensics basics and advancements in the world of modern forensics, this book will also delve into the domain of operating systems. Progressing through the chapters, you'll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. The book will also show you how to create forensic images of data and maintain integrity using hashing tools. Finally, you'll cover advanced topics such as autopsies and acquiring investigation data from networks, operating system memory, and quantum cryptography.
By the end of this book, you'll have gained hands-on experience of implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation, all using Kali Linux tools.
▶What You Will Learn
- Get up and running with powerful Kali Linux tools for digital investigation and analysis
- Perform internet and memory forensics with Volatility and Xplico
- Understand filesystems, storage, and data fundamentals
- Become well-versed with incident response procedures and best practices
- Perform ransomware analysis using labs involving actual ransomware
- Carry out network forensics and analysis using NetworkMiner and other tools
▶Key Features
- Perform evidence acquisition, preservation, and analysis using a variety of Kali Linux tools
- Use PcapXray to perform timeline analysis of malware and network activity
- Implement the concept of cryptographic hashing and imaging using Kali Linux
▶Who This Book Is For
This Kali Linux book is for forensics and digital investigators, security analysts, or anyone interested in learning digital forensics using Kali Linux. Basic knowledge of Kali Linux will be helpful to gain a better understanding of the concepts covered.
Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. It has a wide range of tools to help for digital forensics investigations and incident response mechanisms.
This updated second edition of Digital Forensics with Kali Linux covers the latest version of Kali Linux and The Sleuth Kit. You'll get to grips with modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, hex editor, and Axiom. Updated to cover digital forensics basics and advancements in the world of modern forensics, this book will also delve into the domain of operating systems. Progressing through the chapters, you'll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. The book will also show you how to create forensic images of data and maintain integrity using hashing tools. Finally, you'll cover advanced topics such as autopsies and acquiring investigation data from networks, operating system memory, and quantum cryptography.
By the end of this book, you'll have gained hands-on experience of implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation, all using Kali Linux tools.
▶What You Will Learn
- Get up and running with powerful Kali Linux tools for digital investigation and analysis
- Perform internet and memory forensics with Volatility and Xplico
- Understand filesystems, storage, and data fundamentals
- Become well-versed with incident response procedures and best practices
- Perform ransomware analysis using labs involving actual ransomware
- Carry out network forensics and analysis using NetworkMiner and other tools
▶Key Features
- Perform evidence acquisition, preservation, and analysis using a variety of Kali Linux tools
- Use PcapXray to perform timeline analysis of malware and network activity
- Implement the concept of cryptographic hashing and imaging using Kali Linux
▶Who This Book Is For
This Kali Linux book is for forensics and digital investigators, security analysts, or anyone interested in learning digital forensics using Kali Linux. Basic knowledge of Kali Linux will be helpful to gain a better understanding of the concepts covered.
▶TABLE of CONTENTS
▷ Section 1: Kali Linux ? Not Just for Penetration Testing
Chapter 1: Introduction to Digital Forensics
Chapter 2: Installing Kali Linux
▷ Section 2: Forensic Fundamentals and Best Practices
Chapter 3: Understanding Filesystems and Storage Media
Chapter 4: Incident Response and Data Acquisition
▷ Section 3: Forensic Tools in Kali Linux
Chapter 5: Evidence Acquisition and Preservation with dc3dd and Guymager
Chapter 6: File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor
Chapter 7: Memory Forensics with Volatility
Chapter 8: Artifact Analysis
▷ Section 4: Automated Digital Forensic Suites
Chapter 9: Autopsy
Chapter 10: Analysis with Xplico
Chapter 11: Network Analysis
▷ Section 1: Kali Linux ? Not Just for Penetration Testing
Chapter 1: Introduction to Digital Forensics
Chapter 2: Installing Kali Linux
▷ Section 2: Forensic Fundamentals and Best Practices
Chapter 3: Understanding Filesystems and Storage Media
Chapter 4: Incident Response and Data Acquisition
▷ Section 3: Forensic Tools in Kali Linux
Chapter 5: Evidence Acquisition and Preservation with dc3dd and Guymager
Chapter 6: File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor
Chapter 7: Memory Forensics with Volatility
Chapter 8: Artifact Analysis
▷ Section 4: Automated Digital Forensic Suites
Chapter 9: Autopsy
Chapter 10: Analysis with Xplico
Chapter 11: Network Analysis
▶What this book covers
- Chapter 1, Introduction to Digital Forensics, introduces the reader to the world of digital forensics and forensic methodology, and also introduces the reader to various forensic operating systems.
- Chapter 2, Installing Kali Linux, covers the various methods that can be used to install Kali Linux as a virtual machine or as a standalone operating system, which can also be run from a flash drive or SD card.
- Chapter 3, Understanding Filesystems and Storage Media, dives into the realm of operating systems and the various formats for file storage, including secret hiding places not seen by the end user or even the operating system. We also inspect data about data, known as metadata, and look at its volatility.
- Chapter 4, Incident Response and Data Acquisition, asks what happens when an incident is reported or detected? Who are the first responders and what are the procedures for maintaining the integrity of the evidence? In this chapter, we look at best practices and procedures in data acquisition and evidence collection.
- Chapter 5, Evidence Acquisition and Preservation with dc3dd and Guymager, helps you to harness the power of DC3DD to acquire evidence, calculate and verify hashes, split images, and even forensically erase media. We'll also look at the Guymager GUI interface to acquire evidence and introduce Windows imaging tools such as FTK Imager and Belkasoft RAM Capturer.
- Chapter 6, File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor, covers tools that demonstrate that deleted data can be recovered using various file-carving methods.
- Chapter 7, Memory Forensics with Volatility, demonstrates the importance of preserving volatile evidence such as the contents of the RAM and the paging file. Using Volatility and Evolve, we will identify and analyze running processes and network connections, and identify existing malware.
- Chapter 8, Artifact Analysis, deals with tools that we can use to identify systems, processes, passwords, emails, and other artifacts that are useful to any investigator. We also perform artifact analysis of the WannaCry ransomware.
- Chapter 9, Autopsy, The Sleuth Kit, revisits Autopsy (with new labs), which is recognized as one of the very few available tools to rival commercial forensic tools. This powerful tool takes forensic abilities and investigations to a professional level, catering for all aspects of full digital forensics investigations from hashing to reporting.
- Chapter 10, Analysis with Xplico, investigates and analyzes captured network and internet traffic using this powerful tool.
- Chapter 11, Network Analysis, continues with network artifact analysis by demonstrating how to create packet captures with Wireshark, and then quickly moves into automated analysis using offline and online tools such as Network Miner, PcapXray, and PacketTotal.
▶ Preface
In this second edition of this book, you'll find that the theory and methodologies have remained mostly the same, as the procedures and documentation are standard throughout the field; however, you'll find that the technical chapters contain new labs using new examples. I've also decided to include two completely new chapters that go into artifact analysis and network analysis, showcasing several tools with practicals that even beginners will find easy to follow. As much as we try to secure our data, systems, and networks to the best of our abilities, breaches occur. In an effort to understand what took place, we turn to the field of digital forensics. Although still a relatively new field, forensics has become just as important as security, especially considering the wealth of information available to anyone accessing the internet with the intent of carrying out malicious activity. Thankfully, digital fingerprints and artifacts are sometimes left behind, whether in a deleted or hidden file, an email, in someone's browsing history, a remote connection list, or even a mobile text message.
인물정보
저자(글) Shiva V. N. Parasram
Shiva V. N. Parasram is the Executive Director and CISO of the Computer Forensics and Security Institute, which specializes in penetration testing, forensics, and advanced cybersecurity training. As the only Certified EC-Council Instructor (CEI) in the Caribbean, he has also trained hundreds in CCNA, CND, CEH, CHFI, ECSA, and CCISO, among other certifications. He has partnered with international companies including Fujitsu (Trinidad) and Take It To The Top LLC as the lead trainer for advanced cybersecurity courses. Shiva is also the author of two other books from Packt Publishing and has delivered workshops, lectures, and keynote speeches regionally for ISACA, universities, law associations, and other institutions.
이 상품의 총서
Klover리뷰 (0)
Klover리뷰 안내
Klover(Kyobo-lover)는 교보를 애용해 주시는 고객님들이 남겨주신 평점과 감상을 바탕으로, 다양한 정보를 전달하는 교보문고의 리뷰 서비스입니다.
1. 리워드 안내
구매 후 90일 이내에 평점 작성 시 e교환권 100원을 적립해 드립니다.
- - e교환권은 적립일로부터 180일 동안 사용 가능합니다.
- - 리워드는 5,000원 이상 eBook, 오디오북, 동영상에 한해 다운로드 완료 후 리뷰 작성 시 익일 제공됩니다. (2024년 9월 30일부터 적용)
- - 리워드는 한 상품에 최초 1회만 제공됩니다.
- - sam 이용권 구매 상품 / 선물받은 eBook은 리워드 대상에서 제외됩니다.
2. 운영 원칙 안내
Klover리뷰를 통한 리뷰를 작성해 주셔서 감사합니다. 자유로운 의사 표현의 공간인 만큼 타인에 대한 배려를 부탁합니다. 일부 타인의 권리를 침해하거나 불편을 끼치는 것을 방지하기 위해 아래에 해당하는 Klover 리뷰는 별도의 통보 없이 삭제될 수 있습니다.
- 도서나 타인에 대해 근거 없이 비방을 하거나 타인의 명예를 훼손할 수 있는 리뷰
- 도서와 무관한 내용의 리뷰
- 인신공격이나 욕설, 비속어, 혐오 발언이 개재된 리뷰
- 의성어나 의태어 등 내용의 의미가 없는 리뷰
구매 후 리뷰 작성 시, e교환권 100원 적립
문장수집
문장수집 안내
문장수집은 고객님들이 직접 선정한 책의 좋은 문장을 보여 주는 교보문고의 새로운 서비스 입니다. 교보eBook 앱에서 도서 열람 후 문장 하이라이트 하시면 직접 타이핑 하실 필요 없이 보다 편하게 남길 수 있습니다. 마음을 두드린 문장들을 기록하고 좋은 글귀들은 ‘좋아요’ 하여 모아보세요. 도서 문장과 무관한 내용 등록 시 별도 통보없이 삭제될 수 있습니다.
리워드 안내
- 구매 후 90일 이내에 문장 수집 등록 시 e교환권 100원을 적립해 드립니다.
- e교환권은 적립일로부터 180일 동안 사용 가능합니다.
- 리워드는 5,000원 이상 eBook에 한해 다운로드 완료 후 문장수집 등록 시 제공됩니다. (2024년 9월 30일부터 적용)
- 리워드는 한 상품에 최초 1회만 제공됩니다.
- sam 이용권 구매 상품 / 선물받은 eBook / 오디오북·동영상 상품/주문취소/환불 시 리워드 대상에서 제외됩니다.
구매 후 문장수집 작성 시, e교환권 100원 적립
교보eBook 첫 방문을 환영 합니다!
신규가입 혜택 지급이 완료 되었습니다.
바로 사용 가능한 교보e캐시 1,000원 (유효기간 7일)
지금 바로 교보eBook의 다양한 콘텐츠를 이용해 보세요!
