Windows Forensics

This module delves into steganography, teaching how to identify, extract, and create hidden files. It transitions into hard disk analysis, focusing on system files and Master File Table (MFT) analysis. It also imparts hands-on experience with Forensic Toolkit (FTK), a crucial tool for digital forensics. This module equips learners with vital skills in data hiding and disk analysis.

• Steganography
• Identify Hidden Files
• Extracting Hidden Files
• Creating Hidden Files
• Hard Disk Analysis
• System Files
• MFT Analysis
• Working with FTK

This module delves into the analysis of digital artifacts. It focuses on registry analysis, including data extraction and examination of NTUSER.DAT files. The module concludes with techniques for conducting a general search and the use of registry viewers, thereby enhancing learners’ understanding of digital artifact investigation.

• Artifacts
• Artifact Directories
• Browsers
• Shadow Copies
• Registry Analysis
• Extracting Data
• DAT Analysis
• General Search
• Registry Viewers

This module delves into the complex realms of memory, event, network, and malware analysis. It imparts key skills for inspecting computer memory, investigating system events, analyzing network interactions, and examining malicious software, thereby equipping learners with critical abilities for cyber forensics investigations.

• Memory Analysis
• Creating an Image
• Working with Volatility
• Carving Data from RAM
• Events Analysis
• Event Viewers
• Setting Audit Policy
• Custom Search
• Network Analysis
• Service Protocol Analysis
• Identifying Darknet Connections
• Malware Analysis
• Basic Static Analysis
• Basic Dynamic Analysis