C5W-100 INTRODUCTION TO DIGITAL FORENSICS

At C5W, we’re passionate about empowering more people to join the Digital Forensics and Incident Response (DFIR) field. That’s why we’re thrilled to announce that our main introductory DFIR course is now completely FREE for everyone! This course is designed to break down barriers and make DFIR accessible to students, professionals, and anyone curious about this exciting domain. Whether you're just starting your journey or looking to deepen your understanding, this is the perfect opportunity to dive in. You can read more about why this course is FREE here.

Get Started Now

Enroll Now for Free

This bundle includes the following courses

1. What is Digital Forensics
2. Digital Forensics Investigation
3. What is the Digital Evidence
4. Digital Devices
5. Legal Aspects
6. Types of Digital Forensic Investigation
7. Challenges of Digital Forensics
8. Conclusion
9. How to set up your Windows VM - VMware
10. How to set up your Windows VM - VBox
11. Check Your Module's Knowledge
12. References
13. Have a Question?!
1. Hard Disk - Physical & Logical Drive
2. Virtual Hard Disk (VHD)
3. Creating Virtual Hard Disk
4. Creating Virtual Hard Disk with Two Partitions
5. Required Files -- Attaching and Detaching Virtual Hard Disk
6. Attaching and Detaching Virtual Hard Disk
7. Exercise #1
8. Solutions_Virtual_Hard_Disk
9. Summary
10. Check Your Module's Knowledge
11. Have a Question?!
1. Data Acquisition Concepts
2. Data Validation
3. Acquisition Methods
4. Forensic Image File formats
5. The Importance of Evidence Acquisition
6. Must-Know First Response actions
7. Required Files -- Sanitization of the Target Media
8. Sanitization of the Target Media
9. Hardwipe Tool
10. Cygwin tools (dd command in Windows)
11. Check Your Knowledge
12. Exercise #1
13. Exercise #1 Solution
14. Required Files -- Acquisition Tools
15. Evidence Data Acquisition
16. Memory Dump
17. Tools for Memory Dump
18. Disk Drive Imaging
19. Other Forensic Tools
20. Exercise #2
21. Solution_Exercise#2
22. Examples of Hardware Acquisition Tools
23. Using UltraDock Write-Blocker
24. Required Files - Mounting a Forensic Image
25. Introduction to Image Mounting
26. Arsenal Image Mounter
27. OSFMount
28. Other Forensic Image Mounting Tools
29. Exercise#3
30. Solution_Exercise#3
31. Summary
32. References
33. Have a Question?!
1. Introduction to Forensic Toolkit Imager
2. Required Files -- Introduction
3. Required Files -- Installation of FTK Imager
4. Install FTK Locally
5. Install FTK on a Portable Device (USB)
6. Required Files -- Evidence Acquisition
7. Digital Evidence Acquisition
8. Memory Acquisition
9. Disk Acquisition
10. Exercise #1
11. Solutions Exercise #1
12. Required Files -- Attach an Evidence Item
13. Add Evidence Item to FTK Imager
14. Create and Verify a Multi-Part Disk Images
15. Loading a Multi-Part Disk Image
16. Required Files -- Evidence Analysis
17. Evidence Analysis
18. Exporting Data using FTK Imager
19. Detect EFS Encryption
20. Exercise #2
21. Solution Exercise #2
22. Acquiring Protected Registry Files
23. Copying Registry Files
24. Required Files -- Interpreter in FTK
25. Interpreter
26. Exercise #3
27. Solution Exercise #3
28. Required Files -- Create Images with Advanced Features
29. Custom Content Images
30. AD Encryption
31. Exercise #4
32. Solution Exercise #4
33. Required Files -- Image Mounting
34. Image Mounting
35. Steps of Image Mounting
36. Mount Multi-Part Raw Disk Image with FTK
37. Summary
38. Have a Question?!
1. Introduction to Data Representation
2. Numbering Systems
3. Decimal Number System (Base 10)
4. Binary System (Base 2)
5. Hexadecimal (Base 16)
6. Octal (Base 8)
7. Byte Ordering
8. Introduction to Text Code
9. ASCII Code
10. Unicode
11. Exercises
12. Solutions
13. Have a Question?!
1. Introduction to File Identification
2. Installation of HxD Editor
3. Working with HxD Editor
4. Installation of 010 Editor
5. Working with 010 Editor
6. 010 Editor, Let us start
7. Explore the View Options
8. Viewing Unicode Files
9. View Options: Edit As
10. View: Font & Character Set
11. View: Line Width & Addresses
12. View: Group by, Division Lines, Left & Right View Areas
13. View: Highlighting, Ruler, & Status Bar
14. More View Options
15. File Offsets
16. Relative Offsets
17. Examples on Relative Offsets 1
18. Examples on Relative Offsets #2
19. Search Menu: Find using Hex
20. Search Menu: Find using Text
21. Search Menu: Replace
22. Search Menu: Find Strings
23. Search Menu: Find in Files
24. Search Menu: Replace in Files
25. Search Menu: Goto...
26. Search Menu: Goto using Directions
27. The Format Menu
28. Tools Menu Part #1
29. Tools Menu Part #2
30. Inspector (Interpreting Data) Part #1
31. Inspector (Interpreting Data) Part #2
32. Templates Part #1
33. Templates (File Signatures) Part #2
34. Templates - PE File (Part #1)
35. Templates - PE File (Part #2)
36. Templates - PE File (Part #3)
37. Templates - PE File (Part #4)
38. Templates - PE File (Part #5)
39. Templates - PE File (Part #6)
40. Templates - PE File (Part #7)
41. Templates - PE File (Part #8)
42. Templates - PE File (Part #9)
43. Templates - PE File (Part #10)
44. Templates - PE File (Part #11)
45. Templates - PE File (Part #12)
46. Reviewing 010 Template for PE File Format
47. Required Files
48. Introduction to File Signature
49. Text Files
50. Microsoft Word File
51. PDF Files
52. TAR Files
53. Zip File
54. PNG Files
55. JPEG Files
56. EXE Files
57. MP3 Files
58. MP4 Files
59. System Metadata
60. Embedded Metadata
61. Required Files -- Exercises
62. Exercise #1
63. Exercise #2
64. Exercise #3
65. Solutions of Exercises
66. Have a Question?!
1. Introduction to File System and Data Carving
2. What is File System
3. Hard Disk
4. NTFS
5. Ext4
6. NTFS vs EXT4
7. Required Files -- Data Carving
8. Introduction to Data Carving
9. Manual Data Carving - Using Hex Editor
10. Manual Data Carving - Carving an Image from a Doc File
11. Automatic Data Carving - Photorec
12. Automatic Data Carving - foremost
13. Required Files -- Exercises
14. Exercise #1
15. Exercise #1 - Solution
16. Exercise #2
17. Exercise #2 - Solution
18. Exercise #3
19. Exercise #3 - Solution
20. Have a Question?!
1. Introduction
2. Converting Times
3. Converting Dates
4. Exercise 01
5. Exercise 01 - Solution
6. File Operations
7. Required Files -- Timestamps and File Operation
8. Exercise 02 -- Inspecting Timestamps
9. Exercise 02 -- Solutions
10. Have a Question?!
1. Required Files
2. Lab #1 - Working with Autopsy
3. Lab #1 - Working with Autopsy (Solution)
4. Extra Reading Resources
1. What is the Forensics Report ?
2. Preparing For Forensics Report
3. The Importance of the Forensics Report
4. Why Documenting is Important?
5. Forensics Report Sections
6. Reporting Standards And Guidelines
7. Conclusions
8. Have a Question?!

About this course

Free
216 lessons
0 hours of video content

Course Type: Theory & Hands-on

Pricing Options

The course is completely FREE, and you can learn and practice using your own workstation. However, if you prefer a virtual environment to practice in, you have the option to purchase a subscription to access an online lab environment dedicated just for you. Choose the enrollment option that works best for you. If you’re enrolling as a group or need a customized plan, feel free to contact us, we’re here to assist!

C5W-100 INTRODUCTION TO DIGITAL FORENSICS

No virtual lab access

Free
Enroll Now
C5W-100 INTRODUCTION TO DIGITAL FORENSICS

Includes 20 hours of virtual lab access

$50.00
Buy Now

Get Started Now

Your first steps to digital forensics completely FREE!

Enroll Now

Learning Outcomes

After completing this course, you will learn the following.

Understand the concepts of digital forensics and investigation
Understand the evidence acquisition and how to acquire evidence under Windows
Master FTK Imager usage
Learn how data is represented on computers
Understand files and headers
Become familiar with the basics of file systems and learn how to carve data
Master time zones and date analysis
Learn how to write forensic reports

Technical Requirements

To complete the hands-on labs of this track

Basic knowledge of using a Virtual Machine
Windows 10 operating system (recommended)

Social Proof: Reviews

“The course provided good, clear, precise material on digital forensics, it was a wonderful experience with good exercises to reinforce knowledge and i would recommend it for anyone interested in digital forensics. ”

→Read Less

“A very good introduction to DFIR.”

→Read Less

“The content is apt, concise, precise, easy to understand and straight to the point.”

→Read Less

What is next at Cyber 5W?

Add your email to receive updates on new courses.