All times are in Pacific Daylight Time (UTC-0700).

  • Track: Workshop: Saturday 10/09 @ 0800-1200 PDT

This intro-level workshop covers topics present in Digital Forensics LifeCycle like Evidence Collection and Investigation of a Windows machine. Attendees will be provided with the necessary lab instructions and evidence files to perform forensic analysis practically and be confident and clear on how to apply the knowledge gained here to investigate some real-world scenarios.

Attendees will learn:

  • Skills required for a Forensic Examiner
  • Build their own forensics toolkit with free and open-source tools
  • Evidence Collection –> On Live and Dead Machines, Do’s and Don’ts
  • Investigation –> Windows Artifact analysis, Internet History & Application Analysis, Data Carving, Memory Analysis
  • Opportunities and challenges in this field

Attendees will be provided with:

  • Evidence Files
  • Lab instructions to perform forensic analysis
  • Windows Forensics Artifact Library
  • Useful resources for further practice and exploration after this workshop

Lab Requirements:

  • OS: Windows 7 and above [Win10 recommended]
    • If you are on Linux or Mac, Install Windows using VirtualBox
  • RAM: Min. 4GB [8GB recommended]
  • Disk Space: 50 GB

Note: Download links for the labs will be shared before the workshop


  • Familiarity with Windows Operating System.
  • Curiosity, Willingness, and of course, the Lab requirements too

Surya is a Security Engineer with 5+ years of experience in performing both offensive and defensive activities. Engaging, understanding, and knowledgeable technical trainer, having expertise in training small and large groups across diverse industries.

Read More

twitter @surya4n6 linkedin Surya Teja Masanam

© 2023 ShellCon