training material advice
I have started created a Moodle site for first year uni students to learn about computer forensics. The section I have created for Windows is straightforward as I have had seven years of First Line Support before starting the computer security and forensic course as well as what I have learnt on the course itself.
What I need advice on is more the Linux and OSX side of things to aid my understanding of these operating systems. So I looking for more information on how these operating systems file systems past and present work, how evidence could be obfuscated by malware or the user, Where information could be found regarding the user profiles, computer hardware, devices attached, browser history, how the trash can works and recovering evidence etc…
As well as helping with the theory side, I would like advise on the practical side so that I can create exercises for student to complete using free software like FTK imager or something else on a windows machine so they can put theory and practice together as well as gaining experience, the skills and knowledge that would aid them in the industry.
Visit dfir.training and you'll have access to tonnes of what you seek.