Let's get to the good stuff. In this section, we will have a detailed look at the tools for acquiring forensic images, data recovery and memory dump analysis, and ransomware detection and analysis.
This part comprises the following chapters:
Chapter 5, Evidence Acquisition and Preservation with dc3dd and Guymager
Chapter 6, File Recovery and Data Carving with foremost, Scalpel, and bulk_extractor
