Skip to main contentSkip to main content
image

0%

Windows Incident Surface

Learn how to implement DFIR techniques to explore the Windows incident surface.

image

0%

Compromised Windows Analysis

Learn about some key forensic artifacts and solve an interesting case of a compromised Windows workstation.

image

0%

Windows User Account Forensics

Learn where to search for artefacts associated with users and accounts.

image

0%

Windows User Activity Analysis

What happened in those 36 hours? A forensics case to solve.

image

0%

Expediting Registry Analysis

This room explores different tools used to expedite analysis of registry data during investigation.

image

0%

Windows Applications Forensics

Perform a live analysis on Windows systems, focused on determining the outliers based on known behaviour of scheduled tasks, services, and installed applications.

image

0%

Windows Network Analysis

Discover networking artefacts using internal tooling on Windows.

image

0%

Logless Hunt

Detect every attack step on a Windows machine even after threat actors cleared Security logs.

image

0%

Blizzard

A critical alert was triggered from a sensitive server. You are tasked to perform a live investigation on multiple machines to determine the root cause of the incident.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

Next steps

Next steps: macOS Forensics

macOS Forensics

Learn macOS forensics through artefact analysis, app investigations, and hands-on labs covering system and user activity traces.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

We use cookies to ensure you get the best user experience. For more information see our cookie policy.