ufidon/df

course materials and references for its452

its452

course materials and references for its452

Youtube channel

To receive automatic notification from the Youtube channel of this course on new uploaded videos, click this link to subscribe for automatic notification or scan this QR code with your smartphone:

Prerequisite

In this course, we will create virtual machines with Ubuntu LTS image and Windows Server image, all needed software will be installed in the virtual machines. To be ready for this course, you need to have

• Hardware
  • A laptop or desktop computer with >= 8GB ram, one free USB 3.0+ port
  • A USB 3.0+ Flash drive or external SSD with size >= 256GB, for example:
    • USB 3.0+ Flash drive
      • Samsung BAR Plus 256GB - 300MB/s USB 3.1 Flash Drive Titan Gray (MUF-256BE4/AM)
      • SanDisk 256GB Extreme PRO USB 3.1 Solid State Flash Drive - SDCZ880-256G-G46
    • USB 3.0+ External SSD
      • SanDisk 500GB Extreme Portable External SSD - Up to 550MB/s - USB-C, USB 3.1 - SDSSDE60-500G-G25
      • Samsung (MU-PA500B/AM)T5 Portable SSD - 500GB - USB 3.1 External SSD , Blue
• Operating system
  • Window 7+
  • Ubuntu 18.04 LTS+
• Software
  • VirtualBox
  • If you have problems using VirtualBox alongside Hyper-V
  • If your Windows is Home Edition, you may have weird problems with Virtualbox if Hyper-V is installed. Use VMWare Workstation Player instead of VirtualBox.

References textbooks

• Digital Forensics with Open Source Tools
• File System Forensic Analysis
• Practical Guide to Digital Forensics Investigations
• Computer Forensics and Cyber Crime: An Introduction, 4th Edition
• Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer
• Digital Archaeology: The Art and Science of Digital Forensics
• Forensic Science: From the Crime Scene to the Crime Lab

Popular computer forensics websites

• ForensicsWiki
• Open Source Digital Forensics Conference
• Linux LEO
• California Cybersecurity Institute
• Forensicmag
• SANS forensics reading room
• ICCyber conference
• Old DFRWS
• DFRWS
• AboutDFIR
• binary foray

Open-source forensics tools

• Autopsy & Sleuth
• Autopsy 3rd Party Module Repository
• NirSoft
• Kali Linux
• CAINE Linux
• SIFT Workstation
• TestDisk and PhotoRecv
• Collection of forensics tools I
• Collection of forensics tools II
• Computer Forensic Tool Testing
• Eric Zimmerman's tools
• Porcupine: old tools

Recovery tools

• Password recovery tools
  • ophcrack
• File recovery tools
  • bulk extractor

Free forensics tools

• DataDump & DCode
• 7-Zip plugins\Forensic7z

Digital Forensics images

• Honeynet
• The Honeynet Project
• Corpora of disk images
• CFReDS Project
• Digital Forensics Tool Testing Images
• Electronic Discovery Reference Model
• Digital Forensics Research Workshop Challenges
• Hacking case
• Forensics case
• CGsecurity
• Technical — ENISA
• Computer Forensics CCIC Training
• Circl forensics training
• Defcon DFIR CTF 2018
• Between two of IRNS
• Digital Forensics Challenge
• Computer Forensics, Malware Analysis & Digital Investigations: Forensic Practical
• Ali Hadi DFIR
• Volatility Memory Samples
• Wireshark sample captures
• LMG network forensics puzzle Contest
• Enron Email Dataset
• UNHcFREG Datasets for Cyber Forensics
• DFIR Training images

Popular operating system websites

• OSDEV