Digital Forensics Training


Digital forensics is a branch of computer science that focuses on developing evidence pertaining to digital files for use in civil or criminal court proceedings. Digital forensic evidence would relate to a computer document, email, text, digital photograph, software program, or other digital record which may be at issue in a legal case.

Forensic science is the study of any field as it pertains to legal matters. Forensic evidence refers more specifically to evidence which meets stringent standards of reliability and scientific integrity for admissibility in court. Digital forensics is the forensic science related to computer operations, software, and files, as well as the digital or electronic files contained on other technology-based appliances or storage devices, such as a digital camera. There is a broad array of applications of digital forensics to civil and criminal cases. Digital media seized for investigation is usually referred to as an “exhibit” in legal terminology. Investigators employ the scientific method to recover digital evidence to support or disprove a hypothesis, either for a court of law or in civil proceedings.

Introduction to Computer Forensics

Forensic Examination Procedures

Introduction to Chain of Custody

Preparing your own Forensics tool kit

Difference between IR & Forensics

Incident Response

IRM & forensics Life Cycle

Windows Incident Response

Do’s & Don’ts in incident response

Different Methods of Live Acquisition

Understanding Order of Volatility

Memory Acquisition

Analyzing Volatile Data

Dynamic Disk Imaging

Command based Acquisition

Analyzing Windows Registry

Analyzing Event viewer logs

Imaging Volatile data using netcat

Verifying Memory dumps

Analyzing Security policies

Linux Incident response

Understanding Linux Ext3/Ext4 file systems

Understanding Boot process

Boot problem cheat sheets

Key differences between Windows & Linux

Creating Response Toolkit

Running Bash scripts to acquire live image

Hash verification of output files


Types of Forensics

Physical imaging Vs Logical imaging

Understanding different methods of forensics duplication

Traditional approach to forensics


Methods of acquisition

Imaging using EnCase

Imaging using DEFT Linux

Imaging using Helix

Imaging using SIFT workstation

Imaging using FTK


Understanding Metadata

Analyzing swap & pagefiles

Physical Analysis Vs Logical Analysis

Mounting images to analysis tools

Deleted file recovery

Timestamp Analysis

Analyzing Raw partitions

Analyzing Steganographic data

Understanding slacks

String based searching

Keyword based searching


Evidence collection

Documenting Investigation process

Timestamps Recording

Hash calculations recording

Do’s and Don’ts

Browser Forensics

Introduction to browser Forensics

IE forensics

IE log analysis

Rebuilding IE cache & History

Understanding Firefox logging & cache architecture

Analyzing Firefox SQLite database

Firefox Log Analysis

Reconstructing Firefox cache & History

Chrome Forensics

Opera Forensics

Tool based browser Forensics

Using NetAnalysis, Blade, History Extractor


Skype log Analysis

Rebuilding Skype chat

Network Forensics

Introduction to Network Forensics

Understanding network Architecture

Understanding network Logging

Investigating Wireless logs

Investigating Network logs

Webserver log Analysis

IIS server Logs Architecture

IIS log analysis using IE log Analyzer

Apache Web server logging architecture

Apache log analysis using apache log viewer


Introduction to SIEM

Installing Splunk

Configuring Splunk for weblogs

Configuring Splunk for Network log analysis

Log Analysis

Understanding Firewall logs

Configuring Syslog server

Syslog log reading

Cisco firewalls logging Methodology

Cisco firewalls log analysis

Understanding IDS Mechanism

Overview of IDS Alerts & Sensors

IDS log Analysis

Router Forensics

Router log analysis

Fraud & Forensics Analysis

Cyber Laws

Offences & Penalties

Investigating Sexual Harassment cases

Investigating Threat Mails

E-Mail Tracking

Cyber Pornography

Case study

Packet Analysis using Wireshark

Packet Analysis using Xplico

Packet Analysis using NetworkMiner

Test disk image analysis

Participating in Forensic challenges
