Digital Forensics and Incident Response

Understand what forensic artifacts are present in the Windows and Linux Operating Systems, how to collect them, and leverage them to investigate security incidents.

Forensic artifacts are pieces of evidence left by human activity. In this module, we will learn about the forensic artifacts in Windows and Linux operating systems and perform basic malware analysis. We will learn to use Kape, Autopsy, Zimmerman’s tools, and Volatility to collect forensic data. We will also learn how to organize this data and leverage it to investigate incidents using the Hive project.

Digital Forensics and Incident Response

Need to know

Next Steps

What are modules?