I am looking forward to our newly introduced dedicated Forensic Computing Training at TR17!
We will start the first day with a detailed background briefing about Forensic Computing as a Forensic Science, Digital Evidence, and the Chain of Custody. For the rest of the workshop, we will follow the Order of Volatility, starting with the analysis of persistent storage using file system internals and carving, as well as RAID reassembly, with lots of hands-on case studies using open source tools. As a next step, we will smell the smoking gun in live forensics exercises. Depending on your preferences, we will then dig a bit into memory forensics and network forensics.
The goal of our training is to provide the basic knowledge that is required whenever an incident has to be analyzed in a forensically sound manner, and to cover the techniques needed to cope with the majority of incidents.
You should bring your laptop with administrative privileges and VirtualBox installed.
No deep knowledge of digital forensics is necessary. However, we work with open source Linux command line tools so that everybody can directly make use of the techniques we show, so you should definitely be familiar with Linux and the shell 😉