Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools

Price: $29.99 - $23.68
(as of Oct 03, 2025 00:31:05 UTC – Details)

Gain basic skills in network forensics and learn how to apply them effectively

Key FeaturesInvestigate network threats with easePractice forensics tasks such as intrusion detection, network analysis, and scanningLearn forensics investigation at the network levelBook Description

Network forensics is a subset of digital forensics that deals with network attacks and their investigation. In the era of network attacks and malware threat, it’s now more important than ever to have skills to investigate network attacks and vulnerabilities.

Hands-On Network Forensics starts with the core concepts within network forensics, including coding, networking, forensics tools, and methodologies for forensic investigations. You’ll then explore the tools used for network forensics, followed by understanding how to apply those tools to a PCAP file and write the accompanying report. In addition to this, you will understand how statistical flow analysis, network enumeration, tunneling and encryption, and malware detection can be used to investigate your network. Towards the end of this book, you will discover how network correlation works and how to bring all the information from different types of network devices together.

By the end of this book, you will have gained hands-on experience of performing forensics analysis tasks.

What you will learnDiscover and interpret encrypted trafficLearn about various protocolsUnderstand the malware language over wireGain insights into the most widely used malwareCorrelate data collected from attacksDevelop tools and custom scripts for network forensics automationWho this book is for

The book targets incident responders, network engineers, analysts, forensic engineers and network administrators who want to extend their knowledge from the surface to the deep levels of understanding the science behind network protocols, critical indicators in an incident and conducting a forensic search over the wire.

Table of ContentsIntroduction to Network ForensicsTechnical Concepts and Acquiring EvidenceDeep Packet InspectionStatistical flow analysisCombating Tunneling and EncryptionInvestigating Good, Known and the Ugly MalwareInvestigating C2 ServersInvestigating and Analyzing LogsWLAN ForensicsEvidence Segregation

ASIN ‏ : ‎ B07FDBJ52L
Publisher ‏ : ‎ Packt Publishing
Accessibility ‏ : ‎ Learn more
Publication date ‏ : ‎ March 30, 2019
Edition ‏ : ‎ 1st
Language ‏ : ‎ English
File size ‏ : ‎ 116.2 MB
Screen Reader ‏ : ‎ Supported
Enhanced typesetting ‏ : ‎ Enabled
X-Ray ‏ : ‎ Not Enabled
Word Wise ‏ : ‎ Not Enabled
Print length ‏ : ‎ 383 pages
ISBN-13 ‏ : ‎ 978-1789341058
Page Flip ‏ : ‎ Enabled
Best Sellers Rank: #1,258,020 in Kindle Store (See Top 100 in Kindle Store) #439 in Network Security (Kindle Store) #572 in Computer Networks, Protocols & APIs (Kindle Store) #1,095 in Computer Network Security
Customer Reviews: 4.6 4.6 out of 5 stars 54 ratings var dpAcrHasRegisteredArcLinkClickAction; P.when(‘A’, ‘ready’).execute(function(A) { if (dpAcrHasRegisteredArcLinkClickAction !== true) { dpAcrHasRegisteredArcLinkClickAction = true; A.declarative( ‘acrLink-click-metrics’, ‘click’, { “allowLinkDefault”: true }, function (event) { if (window.ue) { ue.count(“acrLinkClickCount”, (ue.count(“acrLinkClickCount”) || 0) + 1); } } ); } }); P.when(‘A’, ‘cf’).execute(function(A) { A.declarative(‘acrStarsLink-click-metrics’, ‘click’, { “allowLinkDefault” : true }, function(event){ if(window.ue) { ue.count(“acrStarsLinkWithPopoverClickCount”, (ue.count(“acrStarsLinkWithPopoverClickCount”) || 0) + 1); } }); });