Practical Memory Forensics

by Svetlana Ostrovskaya, Oleg Skulkin
March 2022
Content level: Intermediate to advanced
304 pages
5h 58m
English
Packt Publishing
Content preview from Practical Memory Forensics

Chapter 8: User Activity Reconstruction

During forensic investigations and incident responses, reconstructing user activity is an essential part of collecting important data from the hosts of both victims and attackers. Linux-based systems have an important role to play here, as they are often used by attackers to carry out their activities. This is because many different network and vulnerability scanners, web application security testing tools, and post-exploitation frameworks are implemented under Linux. Thus, investigating the host used by the attackers reveals detailed information about the tools and techniques used in the attack. Furthermore, by examining user activity, we can learn more about the stages of preparation for the attack, ...


Publisher Resources

ISBN: 9781801070331