2

Introduction to Digital Forensics

This chapter introduces the various aspects of the science of digital forensics. It introduces you, particularly those of you who may be new to Digital Forensics and Incident Response (DFIR), to the basics, which we will build upon as we progress further into the book.

The topics we are going to cover in this chapter are:

  • What is digital forensics?
  • The need for blue and purple teams
  • Digital forensics methodologies and frameworks
  • Comparison of digital forensics operating systems (OSs)
  • The need for multiple forensics tools in digital investigations
  • Comparison of commercial versus open source forensic tools

What is digital forensics?

The first thing I’d like to cover in this chapter is an understanding of digital ...

Get Digital Forensics with Kali Linux - Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.