Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine

The proliferation of Internet of Things (IoT) devices has introduced new challenges for digital forensic investigators due to their diverse architectures, communication protocols, and security vulnerabilities. This research paper presents a case study focusing on the forensic investigation of an IoT device, specifically a Raspberry Pi configured with Kali Linux as a hacker machine. The study aims to highlight differences and challenges in investigating Weaponized IoT as well as establish a comprehensive methodology to analyse IoT devices involved in cyber incidents. The investigation begins with the acquisition of digital evidence from the Raspberry Pi device, including volatile memory, and disk images. Various forensic tools and utilities are utilized to extract and analyse data, tools such as Exterro FTK, Magnet AXIOM and open-source tools such as and Volatility, Wireshark, Autopsy. The analysis encompasses examining system artefacts, log files, installed applications, and network connections to reconstruct the device's activities and identify potential evidence proving that the user perpetuated security breaches or malicious activities. The findings of this research contribute to the advancement of IoT forensic capabilities by providing insights into the methodologies and best practices for investigating IoT devices, particularly those configured as hacker machines. The case study serves as a practical demonstration of the forensic techniques applicable to IoT environments, facilitating the development of protocols, standards, and training programs for IoT forensic investigators. Ultimately, enhancing forensic readiness in IoT deployments is essential for mitigating cyber threats, preserving digital evidence, and ensuring the integrity of IoT ecosystems.