Windows Forensics

‍

Navigate, Analyse & Protect Your Windows Systems

Master Windows Forensics and become adept at navigating the intricacies of data storage and conducting thorough cyber investigations with our expert-led training.

Learning Outcomes Syllabus Training Schedule Methodology FAQs

Learning Outcomes:

Participants will:

Gain expertise in handling digital data within Windows environments, from file and disk analysis to metadata examination, employing tools like Hex Editors and FTK.
Learn to identify and manipulate hidden files and understand the intricacies of data hiding and extraction techniques within the Windows operating system.
Develop the ability to collect and analyze digital artifacts, focusing on registry analysis and evidence extraction methods to enhance digital investigations.
Acquire advanced skills in memory, event, network, and malware analysis to dissect complex cyber threats and vulnerabilities.
Understand the critical aspects of web application security, identifying common vulnerabilities and employing strategies to secure data transactions and maintain overall application integrity.

Question text goes here

Become familiar with different attack scenarios

Course Syllabus:

Chapter 01

Digital Data

Question text goes here

Files and Disks

Encoding
Number Systems
Digital Sizes
Solid State Drive (SSD) Features

Hex Editor

Working with Offsets
Viewing Files
Viewing Disks

Automatic Carving

Carving Methods
Automatic Carvers
Windows System Files

Metadata

Viewing Metadata
Modified Accessed Created
Editing Exif Data

Steganography

Identify Hidden Files
Extracting Hidden Files
Creating Hidden Files

Hard Disk Analysis

System Files
MFT Analysis
Working with FTK

Chapter 02

File Forensics

Question text goes here

Become familiar with different attack scenarios

Artefacts

Artifact Directories
Browsers
Shadow Copies

Registry Analysis

Extracting Data
NTUSER.DAT Analysis
General Search
Registry Viewers

Chapter 03

Collecting Evidence

Question text goes here

Become familiar with different attack scenarios

Memory Analysis

Creating an Image
Working with Volatility
Carving Data from RAM

Events Analysis

Event Viewers
Setting Audit Policy
Custom Search

Network Analysis

Service Protocol Analysis
Identifying Darknet Connections

Malware Analysis

Basic Static Analysis
Basic Dynamic Analysis

Chapter 04

Analysis

Question text goes here

Become familiar with different attack scenarios

Chapter 05

Question text goes here

Become familiar with different attack scenarios

Training Schedule:

Tailored To Client

Question text goes here

Training Methodology:

Apprenticeship-based Training

Experience hands-on learning with our demonstration method on a virtual/host machine, ensuring immersive understanding.
Our trainers prioritise showing over telling, explaining intricacies without relying on slides, offering direct engagement.
Bridge your knowledge gap by connecting theoretical concepts to practical cybersecurity applications, enhancing career readiness.

Practice Labs

Engage in repeated practice sessions to solidify and reinforce your understanding.
Delve deeper with practice questions, encouraging students to explore interconnected topics and enhance comprehension.
Stimulate critical thinking through challenge questions, prompting students to seek solutions and broaden their problem-solving abilities.

Assessment and Project

Equip yourself with the expertise and tools essential for navigating corporate networks safely.
Gain a comprehensive understanding of cyber-attacks to fortify your digital environment effectively.
Broaden your horizon by familiarising yourself with diverse cyber-attack scenarios and their implications.

Question text goes here