More Information
  • Understand the power of Kali Linux as a forensic analysis platform
  • Acquire forensically sound images from different types of media
  • Extract and analyze artifacts from images
  • Recover deleted data bypassing the file system
  • Acquire and analyze live memory
  • Capture and analyze network data packets.
  • Report on and present your findings

Kali Linux is the most comprehensive distributions for penetration testing and ethical hacking. It has some of the most popular forensics tools available to conduct formal forensics and investigations and perform professional-level forensics.

This video course teaches you all about the forensic analysis of computers and mobile devices that leverage the Kali Linux distribution. You'll get hands-on, seeing how to conduct each phase of the digital forensics process: acquisition, extraction, analysis, and presentation, using the rich set of open source tools that Kali Linux provides for each activity.

The majority of this tools are also installed on other forensic Linux distributions, so the course is not only limited to Kali Linux but is suitable for any open-source forensic platform in the same way. We start by showing you how to use the tools (dc3dd in particular) to acquire images from the media to be analyzed, either hard drives, mobile devices, thumb drives, or memory cards. The course presents the Autopsy forensic suite and other specialized tools, such as the Sleuth Kit and RegRipper, to extract and analyze various artifacts from a Windows image. It also shows how to perform the analysis of an Android device image using Autopsy. Next, we cover file carving and the recovery of deleted data, and then the process of acquiring and analyzing RAM memory (live analysis) using the Volatility framework.

Another topic is treated in the course, that is network forensics; indeed, the course covers how to use Wireshark to capture and analyze network data packets.

Finally, we demonstrate how to report and present digital evidence found during the analysis. By the end of the course, you will be able to extract and recover data, analyze the acquired data, and report and present digital evidence from a device.

Style and Approach

This course presents step-by-step instructions for digital imaging and forensics, and shows you hashing tools to perform successful forensic analysis with Kali Linux. There are clear and concise instructions to guide you through the practical techniques and tools.

  • Learn and practice through various tools and techniques that leverage the Kali Linux distribution
  • Extract and recover data and perform successful forensic analysis and investigations
  • Perform professional-quality forensics through ethical means, and solve forensic challenges in real-world scenarios
Course Length 3 hours 24 minutes
ISBN 9781783989225
Date Of Publication 29 Apr 2017


Marco Alamanni

Marco Alamanni has professional experience working as a Linux system administrator and Information Security analyst in banks and financial institutions.

He holds a BSc in Computer Science and an MSc in Information Security. His interests in information technology include ethical hacking, digital forensics, malware analysis, Linux, and programming, among other things. He also collaborates with IT magazines to write articles about Linux and IT security.

He has used Kali Linux on various occasions to conduct incident response and forensics in his professional activity, besides using it for penetration testing purposes. He is also the author of “Kali Linux Wireless Penetration Testing Essentials” published by Packt Publishing.

 I would like to thank Packt Publishing for having offered me this exciting project and all the people I have worked with during its realization for their guide and support.

A big thank goes to my family, in general, and in particular to my wife Candice and my sons, Niccolò and Fabio Antonio, for their love and encouragement.

This course is dedicated to the memory of a dear and special person, Maria Vitteri, that will always remain in our thoughts and in our hearts.