SitePass
Our SitePass is worth more than $2400+ and is all you need to start your journey in Digital Forensics
Bundle Description
By purchasing this bundle, students will gain one-year access to all CYBER 5W's on-demand courses, including specialized training in Windows Forensics, Linux Forensics, Malware Analysis, and SOC Analysis. Our comprehensive, expert-led courses are designed to improve your skills and expertise, giving you the tools to advance your knowledge and excel in the field of digital forensics.
Introduction to Digital Forensics
Below you can find all the courses that are included in this SitePass
-
Introduction to Digital Forensics
Course4.9 average rating (63 reviews) -
Prepare Your Forensic Environment
Course4.9 average rating (16 reviews)This course will help you prepare your DFIR environment and will be continuously updated with new tutorials. The topics will include but not limited to installing Virtual machines, software, etc.
Free
-
Working with Virtual Hard Disk
Course4.9 average rating (8 reviews)In this course, you will learn how to attach, detach, and create a virtual hard disk in Windows OS.
Free
-
Introduction to Evidence Acquisition
Course5.0 average rating (12 reviews)This course covers the basic concepts of digital evidence acquisition.
-
Evidence Acquisition under Windows
CourseIn this course, you will learn how to wipe a disk drive, how to acquire digital evidence, and how to mount forensic images.
-
Working with FTK Imager
Course5.0 average rating (1 review)In this course, you will learn how to install and use FTK Imager to acquire, analyze, and mount digital evidence.
-
Computer Data Representation
Course4.7 average rating (6 reviews)In this course, you will learn how data is represented in a computer system and understand the most commonly used numbering systems. Understanding concepts in this course is key to understand the digital evidence you are dealing with.
-
Working with Files
CourseThis course covers the required digital forensic skills to work with files and identify the different file types (e.g. txt, exe, jpg, etc). You will also learn how to use a hexadecimal editor to inspect and analyze different files.
-
Introduction to File Systems and Data Carving
Course5.0 average rating (1 review)This course covers the basics of file system forensic analysis. In addition, it covers the concepts and skills needed to extract files from storage devices and recover deleted files to be used as evidence.
-
Writing Forensics Reports
Course5.0 average rating (3 reviews)This course for beginners who want to learn about the Digital Forensics and Investigations track, and how to write the forensics report after completing the investigation
-
Linux Forensics Distributions
Course5.0 average rating (5 reviews)This course will help you to determine which distribution you want to deal with based on your requirement, where this course will give you a brief description of the best digital forensics distributions.
Free
-
Intro to Linux from a Forensics Perspective - Tsurugi Version
Course5.0 average rating (6 reviews)This course covers the basics of how to deal with Linux operating systems. The used Linux distribution is Tsurugi.
Free
Site Pass
This SitePass gives you access to all our courses except the live and certification courses, and is all you need to get your career started in Digital Forensics.
-
Get started now
$1,200.00
One Student
Windows Forensics
All the courses in this track can be found below
-
Investigating Windows Recycle Bin
Course4.8 average rating (12 reviews)Investigate Windows Recycle Bin artifacts in this hands-on course. Learn to parse $R and $I files, decode timestamps, and use tools like RBCmd.exe and Rifiuti2 to recover or analyze permanently deleted items. Ideal for entry-level DFIR learners.
Free
-
Investigating Windows Program Executions
CourseInvestigate Windows execution artifacts like Prefetch, AmCache, ShimCache, UserAssist & BAM in hands-on labs. Learn tool-based analysis and forensic significance of each artifact. Ideal for DFIR analysts.
$50
-
Time Zone Conversions
Course4.5 average rating (2 reviews)This course covers the required digital forensic skills to inspect and understand the different timestamps that could be seen during an investigation and learn how to convert between timezones.
Free
-
Investigating Windows LNK Files and JumpLists
CourseInvestigate Windows LNK and JumpList artifacts in hands‑on labs. Learn to parse .lnk files and JumpLists, trace file usage, determine storage paths, even for deleted files. Essential training in user activity forensic analysis.
$50
-
Investigating Windows Thumb Caches
CourseDive into Windows thumbnail cache forensics using hands‑on labs. Learn to analyze Thumbs.db and thumbcache_xxx.db, uncover hidden file previews, and reconstruct user activity. Ideal for DFIR analysts and forensic investigators.
$50
-
Investigating Windows System Registry Artifacts
CourseExplore key Windows system registry artifacts using hands‑on virtual labs. Learn how to extract SYSTEM hive files from live systems or disk images, analyze AppCompatCache, Autoruns, network and user data, and uncover critical forensic evidence.
$50
-
Investigating Windows User Registry Artifacts
CourseDive into Windows user registry forensics. Extract and analyze NTUSER.DAT and USRCLASS.DAT to trace application usage, browsing, search queries, and more, via hands-on labs that help you build accurate user activity timelines.
$50
-
Investigating Windows Shellbags
CourseExplore Windows Shellbag artifacts to reconstruct folder view history. Learn to parse BagMRU and Bags registry keys, analyze timestamp metadata, and infer accessed directories, even deleted ones, through practical forensic labs.
$50
-
Investigating USB Thumb Drives
CourseAnalyze Windows USB forensic artifacts in hands-on labs. Learn to identify device IDs, connection timestamps, drive letters, and registry entries (e.g. MountPoints and SetupAPI logs). Ideal for DFIR analysts and USB investigations.
$50
-
Volume Shadow Copies (VSC)
CourseLearn how Windows Volume Shadow Copies (VSS) work and how to use them in forensic investigations. Gain skills to detect, mount, and analyze shadow snapshots to recover previous file versions. Hands-on labs ideal for DFIR analysts.
$50
-
Investigating Windows Scheduled Tasks
CourseLearn how to parse Windows Scheduled Tasks artifacts using hands-on virtual labs. Understand task formats, registry and XML artifacts, and how to uncover forensic evidence from scheduled jobs. Free foundational training for DFIR investigators.
Free
-
Windows Event Logs
Course5.0 average rating (1 review)Learn how to extract, analyze, and interpret Windows Event Logs using real-world forensic techniques. Dive into Event Viewer artifacts, log types, policy auditing, and extraction methods through guided virtual labs. Ideal for DFIR and SOC analysts.
$50
Pricing options
Explain how different pricing options might be valuable to different segments of your audience.
-
Get started now
$1,200.00
Regular price
Linux and Advanced Courses
All the courses in this track can be found below
-
Investigating Linux Systems Course (Sitepass)
CourseDive into our Linux Forensics course: uncover the Linux file system, find forensic artifacts, and master key tools. Ideal for IT pros, cybercrime experts, and security enthusiasts. Boost your digital forensics skills and career.
$600
-
Evidence Acquisition under Linux
CourseThis course teaches you how to acquire a disk image from a Linux device. The course will also teach you how to format and mount disks in Linux, how to deal with E01 images, how to use bootable media, and how to perform remote acquisition.
$50
-
Disk Forensic Analysis
CourseLearn how to analyze disk structures, identify and recover digital evidence, repair corrupted disks, and interpret metadata, all through hands‑on virtual labs designed for DFIR practitioners.
$50
-
Investigating File Systems
CourseUnderstand Windows file systems in detail, including FAT32 and NTFS. Learn to parse, analyze partitions and metadata, recover files, and investigate corrupted disks. Hands-on labs reinforce core forensics skills.
$50
-
FAT File System Forensics
CourseExplore FAT32 & VFAT file system internals in this hands‑on forensic lab. Learn to parse directory and allocation structures, recover deleted files, and uncover FAT‑specific artifacts. Lab-based training ideal for DFIR professionals.
$50
-
Hands-on Labs - Data Recovery and File Carving
Course -
Pre-order available now!
Anti-Forensics
CourseLearn how attackers hide evidence and how defenders expose it. This Anti‑Forensics course covers data hiding, steganography, encryption, filesystem and memory evasion techniques—with hands-on virtual labs to detect manipulation and recover hidden dat
$50
Malware Analysis Courses
All courses in this track can be found below
-
Introduction to Malware Analysis
CourseThis course will introduce you to the basics of malware analysis, how build your environment and how to use malware sandboxing services.
$50
-
Static Malware Analysis 101
CourseThis course will teach you the internals of PE files, what the Win32 API is and the basic of x86 and x64 Assembly language.
$50
-
Dynamic Malware Analysis 101
CourseThis course will teach you the basics of Windows architecture and how to monitor malware behavior and network traffic on the system.
$50
-
Static Malware Analysis 102 - IDA Pro
CourseThis course walk you through the most common techniques used by malware and how to use IDA Pro to reverse engineer malware samples and identify their capabilities.
$50
-
Static Malware Analysis 102 - Ghidra
CourseThis course walk you through the most common techniques used by malware and how to use Ghidra to reverse engineer malware samples and identify their capabilities.
$50
-
Dynamic Malware Analysis 102
Course$50
-
Analyzing Managed and Scripting Malware
CourseThis course explores managed code vs. unmanaged code. Also, we'll explain the essential concepts for analyzing malware written in managed languages by using the real malware sample to practically understand how things are done.
$50
-
Malware Detection & Hunting
Course$50
-
Initial Access and Anomaly Hunting
CourseInitial Access & Anomaly Hunting trains you to simulate attacker entry methods and detect anomalies using SIEM‑based lab exercises and real-world threat techniques like macros, LNK, HTA, ISO, scheduled tasks, and service abuse.
$50
-
Incident Response 101
CourseThis course covers incident response, focusing on preparation and detection. Participants will learn to identify and analyze security threats through theoretical knowledge and hands-on labs exercises.
$100
Pricing options
Explain how different pricing options might be valuable to different segments of your audience.
-
Get started now
$1,200.00
Regular price
Case Studies
Test your understanding with our different case studies
-
Encrypted Files Case #1
Course$50
-
Employee Policy Violation Case #2
Course5.0 average rating (1 review)Free
-
Web Server Case #3
CourseFree
-
Launching Attacks from Alternate Data Streams Case #4
CourseThis case study presents an in-depth analysis of the use of Alternate Data Streams (ADS) in Windows environments for concealing executable files, a technique commonly employed by sophisticated cyber attackers.
Free
-
Mystery Hacked System Case #5
CourseFree
-
Windows Forensics Workshop Case #6
CourseFree
-
Browser Policy Violation Case #7
CourseFree
-
SysInternals Case #8
CourseFree
-
NTFS File System Case #9
Course5.0 average rating (1 review)Free
-
Encrypt Them All Case #10
CourseFree
-
Meeting Location Case #11
CourseFree
What is next at Cyber 5W?
Add your email to the mailing list to get the latest updates