Hi there,
I am currently a sixth form student and I am planning to study Computer Forensics & Security at uni this September. To get me better prepared and to know a little more about the area, what things would you recommend I do, just to mess around and learn somethings?
I don't know very much about this topic so to speak, so if possible, please provide me with any links to things I could do or any good learning resources!
Thanks
kirby-11 )
Forensic Challenges
https://
Books
Carvey - Windows Forensic Analysis 2e
Carvey - Windows Forensic Analysis 3e
Carvey - Windows Registry Analysis
Carrier - File System Forensic Analysis
Casey - Handbook of Computer Crime Investigation Forensic Tools and Technology (Havent read it but ive heard its good)
Blogs
http//windowsir.blogspot.com.au/
there's a blogroll on the side, throw them into an RSS reader and there you go
It's a lot of work, but if you do a little bit every day you'll get through it.
Also going back and listening to the old episodes of forensic 4cast, cyberspeak, cybercrime 101, and inside the core might be useful.
oh and you can also download FTK Imager for free from Access Data and use it to image usbs/hard disks etc.
you can load said image back into FTK Imager or Prodiscover basic and play around with the settings.
Then there's also registering for SANS and downloading the SIFT toolkit and using the tools on there.
The sky's the limit really because you can just examine your computer and look for things you'd expect to find. ie you know you opened this file on this date, can i find the artefacts left behind by opening it (for win7 - jump lists, ie history, link files, possibly shellbags etc)