This intro-level workshop covers topics present in Digital Forensics LifeCycle like Evidence Collection and Investigation of a Windows machine. Attendees will be provided with the necessary lab instructions and evidence files to perform forensic analysis practically and be confident and clear on how to apply the knowledge gained here to investigate some real-world scenarios.

Attendees will learn:

• Skills required for a Forensic Examiner
• Build their own forensics toolkit with free and open-source tools
• Evidence Collection –> On Live and Dead Machines, Do’s and Don’ts
• Investigation –> Windows Artifact analysis, Internet History & Application Analysis, Data Carving, Memory Analysis
• Opportunities and challenges in this field

Attendees will be provided with:

• Evidence Files
• Lab instructions to perform forensic analysis
• Windows Forensics Artifact Library
• Useful resources for further practice and exploration after this workshop

Lab Requirements:

• OS: Windows 7 and above [Win10 recommended]
  • If you are on Linux or Mac, Install Windows using VirtualBox
• RAM: Min. 4GB [8GB recommended]
• Disk Space: 50 GB

Note: Download links for the labs will be shared before the workshop

Pre-requisites

• Familiarity with Windows Operating System.
• Curiosity, Willingness, and of course, the Lab requirements too