The most common tool used in forensics to extract files from images is Autopsy. Download it, install it and make it ingest the file to find "hidden" files. Note that Autopsy is built to support disk images and other kinds of images, but not simple files.
Binwalk
Binwalk is a tool for searching binary files like images and audio files for embedded files and data.
It can be installed with apt, and the source can be found on GitHub.
Useful commands:
    sudo apt install binwalk #Installation
    binwalk file #Displays the embedded data in the given file
    binwalk -e file #Displays and extracts some files from the given file
    binwalk --dd ".*" file #Displays and extracts all files from the given file
Foremost
Another common tool to find hidden files is foremost. You can find the configuration file of foremost in /etc/foremost.conf. If you just want to search for some specific files, uncomment them. If you don't uncomment anything, foremost will search for its default configured file types.
    sudo apt-get install foremost
    foremost -v -i file.img -o output
    #Discovered files will appear inside the folder "output"
Scalpel
Scalpel is another tool that can be used to find and extract files embedded in a file. In this case you will need to uncomment from the configuration file (/etc/scalpel/scalpel.conf) the file types you want it to extract.
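The file types that foremost and scalpel enable in their configuration files are matched by header and footer signatures. The sketch below is an added example, not code from either tool: the `carve` function, the signature subset and the sample blob are all constructed here to show how header/footer carving recovers embedded files and skips a header that has no footer.

```python
# Added example: header/footer carving on a constructed byte blob.
# SIGNATURES is an illustrative subset, not copied from any tool's config.
SIGNATURES = [
    # (extension, max carve size, header, footer)
    ("jpg", 20_000_000, b"\xff\xd8\xff", b"\xff\xd9"),
    ("png", 20_000_000, b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    ("pdf", 50_000_000, b"%PDF-", b"%%EOF"),
]


def carve(data: bytes):
    """Return sorted (offset, ext, carved_bytes) for every header that has
    a matching footer within the type's maximum size."""
    found = []
    for ext, max_size, header, footer in SIGNATURES:
        pos = data.find(header)
        while pos != -1:
            end = data.find(footer, pos + len(header), pos + max_size)
            if end == -1:
                # Header with no footer in range (truncated or false hit): skip it.
                pos = data.find(header, pos + 1)
                continue
            stop = end + len(footer)
            found.append((pos, ext, data[pos:stop]))
            pos = data.find(header, stop)
    return sorted(found)


# Constructed sample: minimal fake files glued into padding, as in a blob
# that hides files inside another file. None of them is a valid image.
PNG = b"\x89PNG\r\n\x1a\n" + b"fake-chunks" + b"IEND\xaeB`\x82"
PDF = b"%PDF-1.4\nconstructed\n%%EOF"
SAMPLE = b"\x00" * 16 + PNG + b"\x00" * 8 + PDF + b"\xff\xd8\xff\xe0truncated"

if __name__ == "__main__":
    for offset, ext, blob in carve(SAMPLE):
        print(f"{offset:#06x}  {ext}  {len(blob)} bytes")
```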
The bulk_extractor tool can scan an image and will extract the pcaps inside it, network information (URLs, domains, IPs, MACs, mails) and more files. You only have to do:
    bulk_extractor memory.img -o out_folder
Navigate through all the information that the tool has gathered (passwords?), analyse the packets (read Pcaps analysis), search for weird domains (domains related to malware or non-existent).