Digital Forensics Training & Consulting
why Investigating Linux Forensics is important
Why do we need to learn Linux Forensics? Well, nowadays when you look at the number of tools available on different penetration testing systems running Linux, you should stop and ask yourself a basic question "are these tools and systems, always gonna be used for ethical purposes?".
The answer is definitely, NO! Another reason to consider Linux forensics, is you arrive to the crime scene and you find out that your suspect’s desktop is a Linux operating system! If you don’t have the proper skillset, you will be shocked and start to question your knowledge, ability, and skillset. What should I do?
Do I have the skills required to collect data from this system? Where should I look for data and artifacts? What do these artifacts even look like? How can we identify and track user activity? etc.
On Demand: Material | Certification of Completion | Exam Certification
The course material includes over 20 Hands-on Labs and 8 hours of recorded lecture
Kindly choose the enrollment pricing option that suits you best. Please note that the fees include the Course Material and Two Exam attempts (coming soon). If you're enrolling as a group or need a custom plan, please contact us. We're here to help!
Upon completion of this on-demand, self-paced training, you'll gain the skills needed to effectively investigate compromised Linux systems, locate system and application artifacts, and recover deleted data with efficiency.
Ali Hadi is a highly accomplished and experienced Senior Cybersecurity Specialist with 14+ years of professional experience in Information Technology. He is currently working as a full-time professor and researcher at the Computer and Digital Forensics and Cybersecurity Departments of Champlain College, USA. Ali is a Co-Founder and the Chief Technology Officer of Cyber 5W. He holds a PhD and MSc degree in Computer Information Systems, as well as a BSc degree in Computer Science. Throughout his professional career, Ali has earned more than 20 professional certifications. Ali is a sought-after consultant in the field of cybersecurity, offering expertise in areas such as digital forensics, incident response, adversary simulation, offensive security, and malware analysis. He is also an established author, speaker, and freelance instructor, having provided technical training to government and private firms as well as other organizations. Ali continues to be an influential figure in the digital forensics community and is dedicated to promoting forensics education and research. More details could be found here or contact him directly through twitter here.
After completing this training, will be capable of:
Searching through the FHS
Working with volumes and mounting forensic case images
Search in log files
Using TSK to list forensic image info and work with EXT4 file systems
Use debugfs and EXT4 journals to recover deleted files
Tracking running processes
Using the ProcFS to the benefit of your IR
Extracting processes from memory
Generating and filtering a super timeline
what should you know before taking the course
This course assumes no previous knowledge in Linux operating systems, however basic knowledge in digital forensics is highly recommended.
why should you take this training
Anyone who wants to perform Linux investigations, SOC team members, incident response handlers, red team members, malware analysts, and anyone who is curious to know about Linux digital forensics and wants to learn something new.
what you need to for the course