Looking for a littl...
 
Notifications
Clear all

Looking for a little help / advise.

9 Posts
4 Users
0 Likes
529 Views
(@artee)
Posts: 13
Active Member
Topic starter
 

Morning all,

I'm in my second year of a computer forensics degree and although i'm really enjoying it, i don't feel like I'm learning enough. The first year of our course was basically a general computing course and so far in to the second year we have four hours a week dedicated to forensic based learning, but most of this is criminology and law based. Overall, the course so far feels like its been slapped together.

I know a lot of this will be needed in the future but we have had hardly any hands on time with anything actually forensic based. There is only a single room at the university that have 'forensic machines' in them and it is only free for a couple of hours a week meaning i am unable to go in and go over any actual practical work we have done.

Could anyone recommend any books, tutorials, tools etc i could be learning whilst at home to help me progress.

Thanks in advance.

 
Posted : 08/02/2016 4:53 pm
(@skulkin)
Posts: 38
Eminent Member
 

Hi,

Packt have puplished a lot of digital forensic books recently, for example, Practical Mobile Forensics.

If you are more interested in classic computer forensics, I'd recommend Digital Forensics with Open Source tools published by Syngress.

And, of cource, get a copy of Brian Carrier's File System Forensic Analysis.

There are a lot of good articles here, at Forensic Focus.

For news, articles, book releases, etc you can also check our project

http//weare4n6.com/

 
Posted : 08/02/2016 5:07 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

Looking at this page

http//www.weare4n6.com/the-second-edition-of-windows-registry-forensics-is-expected-in-april/

Why is the release of WRF 2/e such a great thing?

Thanks.

 
Posted : 08/02/2016 5:13 pm
(@skulkin)
Posts: 38
Eminent Member
 

Because we really enjoyed the 1st edition and are waiting for the 2nd to be released )

 
Posted : 08/02/2016 5:29 pm
(@artee)
Posts: 13
Active Member
Topic starter
 

Thanks for the quick replies. I will look at what you have mentioned already. I did forget to mention that at uni we are mainly using EnCase (When we do use anything).

 
Posted : 08/02/2016 6:25 pm
(@skulkin)
Posts: 38
Eminent Member
 

Computer Forensics and Digital Investigation with EnCase Forensic v7 by Suzanne Widup is a good choice!

 
Posted : 08/02/2016 6:35 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

"Windows Forensic Analysis", second and fourth editions, as well as "Windows Registry Forensics", contain links to tools you can use. You can follow along in the various chapters and use the tools against images that you can find online. For example, Lance Mueller's blog, forensickb.com, has several "practicals" available, which are images of XP systems. David Cowen makes several Win7 images available along with his book, "Computer Forensics InfoSec Pro Guide".

 
Posted : 08/02/2016 6:41 pm
MDCR
 MDCR
(@mdcr)
Posts: 376
Reputable Member
 

Since the "reading books" part which already have been covered, my advice is the following

1. Tinker at home

- Get a cheap computer, buy one of Ebay or something so there is user data on it.
- Can also get hard drives that people have used, examining empty drives is not so rewarding.
- Get a Linux Live CD, Image the drives to your home computer.
- Play around with that on your free time. Make a timeline, detect artifacts etc. Ask your friends to "do something" on the drive and find it.

You do not need a writeblocker for tinkering at home so just have fun (You can always get one if you have too much money).

Also

2. Watch youtube

Nowadays there is plenty of videos about Forensics on Youtube that you can learn alot from (Blackhat, DefCon and such).

 
Posted : 17/02/2016 9:02 pm
(@artee)
Posts: 13
Active Member
Topic starter
 

Thanks again for all the advise. You guys have been very helpful.

 
Posted : 22/02/2016 7:23 pm
Share: