© The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2023
K. Cardwell, Tactical Wireshark, https://doi.org/10.1007/978-1-4842-9291-4_11

11. Extractions of Forensics Data with Wireshark

Kevin Cardwell, California, CA, USA
 
In this chapter, we will look at the challenges of obtaining forensics evidence from network capture files. First, we need to explain some basic concepts of forensics, so what exactly is it?

Digital Forensics – Any data that exists in the binary form of ones and zeros, once we gather it, can be considered digital forensics; therefore, the processing of binary data is in fact digital forensics. This type of forensics has unique characteristics when it comes to the ...
