Investigate endpoint threats across Windows, Linux, macOS, and mobile platforms using memory, disk, and file system forensics.
- Master Windows, Linux, macOS, mobile and disk investigation techniques
- Investigate live memory and cold disk images for signs of compromise
- Learn file system analysis and forensics with hands-on labs covering MBR, GPT, FAT32, NTFS, EXT and file carving
- Use tools like Volatility, KAPE, SleuthKit, and ALEAPP in real-world scenarios

Complete this learning path and earn a certificate of completion.
Introduction
In this path, you’ll dive deep into advanced endpoint investigation techniques. You’ll gain practical experience conducting forensic investigations across Windows, Linux, macOS, and mobile devices using industry-standard tools. Focusing on memory analysis, disk forensics, artifact extraction, and system triage, you’ll develop the skills needed to uncover attacker activity, trace persistence, and respond to complex threats. Through a mix of theoretical content and hands-on labs, you’ll build cross-platform investigative workflows that mirror real-world incident response. By the end, you’ll be equipped with the technical confidence and forensic fluency needed to lead investigations across diverse environments.
Section 1
File System Analysis
Topic Rewind Recap
Section 2
Linux Endpoint Investigation
Topic Rewind Recap
Section 3
Windows Endpoint Investigation
Topic Rewind Recap
Section 4
macOS Forensics
Topic Rewind Recap
Section 6
Memory Analysis
Topic Rewind Recap
Section 7
Disk Image Analysis
Topic Rewind Recap
Section 8
Honeynet Collapse
Topic Rewind Recap