Syllabus of lectures
- Introduction to digital forensic analysis, creating an environment for evidence acquisition, hardware tools
- Technologies and tools of digital forensic analysis (Cellebrite, Oxygen Forensic Detective, Autopsy, Magnet Axiom)
- Methods and procedures for acquiring digital traces and securing evidence
- File systems and Windows system boot processes
- Metadata analysis from digital media
- Steganography and steganalysis techniques
- Methods for ensuring log availability and tools for their synchronization and storage
- Monitoring and analysis of web attacks
- Evidence acquisition from mobile devices
- Gathering information from open sources (OSINT)
- Analysis of Bitcoin transactions
- Dark web, onion services, and user identification in anonymous environments
- Anti-forensic techniques
- Preparation of investigative and audit reports
Syllabus of tutorials
- Introduction to digital forensic analysis and introduction of the laboratory
- The process of forensic investigation of computer search and provision
- Digital evidence and tools for obtaining it
- Creation of own laboratory environment for providing evidence
- Finding tracks and providing evidence in Windows OS
- File systems and disc exploration
- Data extraction and copying of analyzed environments
- Recover deleted files and partitions
- Steganography and its detection
- Using tools for breaking passwords
- Logging and analysis of network traffic and detection of attacks on wireless networks
- Detection of attacks on web applications
- Provision of e-mail communication, its investigation and detection of crime by e-mail
- Elaboration of investigation reports
Project
The task of the students will be to analyze the provided virtual image of Windows system. The image prepared in this way will contain traces of a cyber attack. Student performs analysis according to instructions for elaboration of given version of assignment. The student will present the findings of the analysis in the form of an examination report.
- Introduction to digital forensic analysis, creating an environment for evidence acquisition, hardware tools
- Technologies and tools of digital forensic analysis (Cellebrite, Oxygen Forensic Detective, Autopsy, Magnet Axiom)
- Methods and procedures for acquiring digital traces and securing evidence
- File systems and Windows system boot processes
- Metadata analysis from digital media
- Steganography and steganalysis techniques
- Methods for ensuring log availability and tools for their synchronization and storage
- Monitoring and analysis of web attacks
- Evidence acquisition from mobile devices
- Gathering information from open sources (OSINT)
- Analysis of Bitcoin transactions
- Dark web, onion services, and user identification in anonymous environments
- Anti-forensic techniques
- Preparation of investigative and audit reports
Syllabus of tutorials
- Introduction to digital forensic analysis and introduction of the laboratory
- The process of forensic investigation of computer search and provision
- Digital evidence and tools for obtaining it
- Creation of own laboratory environment for providing evidence
- Finding tracks and providing evidence in Windows OS
- File systems and disc exploration
- Data extraction and copying of analyzed environments
- Recover deleted files and partitions
- Steganography and its detection
- Using tools for breaking passwords
- Logging and analysis of network traffic and detection of attacks on wireless networks
- Detection of attacks on web applications
- Provision of e-mail communication, its investigation and detection of crime by e-mail
- Elaboration of investigation reports
Project
The task of the students will be to analyze the provided virtual image of Windows system. The image prepared in this way will contain traces of a cyber attack. Student performs analysis according to instructions for elaboration of given version of assignment. The student will present the findings of the analysis in the form of an examination report.