Digital Forensics Course

Learn the fundamentals, investigation process, chain of custody, and legal frameworks that govern digital forensics.

Master disk imaging techniques, write-blocking technologies, and evidence verification using hash algorithms.

Understand NTFS, FAT, ext4 file systems and analyze forensic artifacts like MFT, $LogFile, and deleted files.

Analyze Windows Registry, Event Logs, Prefetch files, LNK files, Jump Lists, and other Windows artifacts.

Investigate Linux systems including file hierarchy, log files, bash history, user accounts, and cron jobs.

Master RAM analysis using Volatility Framework to extract processes, network connections, and malware artifacts.

Analyze network traffic with Wireshark, detect malicious activity, and investigate protocol-level evidence.

Extract and analyze evidence from iOS and Android devices including app data, SMS, location, and SQLite databases.

Analyze PST/OST files, email headers, browser history, cookies, cache, and recover browsing artifacts.

Perform static and dynamic malware analysis, extract IOCs, use sandboxing, and create YARA rules.

Build super timelines with Plaso/log2timeline, correlate events, and write professional forensic reports.

Explore cloud forensics, container analysis, anti-forensics, IoT investigations, and real-world case studies.