
Digital Forensics and Incident Response

Understand what forensic artifacts are present in the Windows and Linux operating systems, how to collect them, and how to leverage them to investigate security incidents.

Forensic artifacts are pieces of evidence left by human activity. In this module, we will learn about the forensic artifacts in the Windows and Linux operating systems and perform basic malware analysis. We will learn to use KAPE, Autopsy, Zimmerman’s tools, and Volatility to collect forensic data. We will also learn how to organize this data and leverage it to investigate incidents using the Hive project.


What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
