The Advanced Windows® 10 Forensic

Bounga Informatics will be hosting series of Spyder Forensics courses this upcoming October 2023.

Spyder Forensics is the premier training organization delivering tool-agnostic workflow-based instruction to the global DFIR community. 

Advanced Windows® 10 Forensic Analysis Course Overview

The Advanced Windows® 10 Forensic Analysis class is an expert-level four-day training course, designed for examiners who are familiar with the principles of digital forensics and keen to expand their knowledge on advanced forensics using a host of third-party tools to improve their digital investigations techniques.

The Spyder Forensic Advanced Windows® 10 Forensic Analysis course will give participants unbiased knowledge and skills necessary to analyze artifacts left behind through system and user interaction with the host system, utilizing industry standard tools and open-source applications to explore the data in greater depth by learning how applications function and store data in the file system.

Students will learn to use various applications and utilities to successfully identify, process, understand and document numerous Windows artifacts that are vitally important to forensic investigations. The participant will also gain knowledge on how to process Chromium Edge browser history, cookies, and other database analysis including examination of BitLocker encryption,  the Windows Action Center, Windows 10 TimeLine and other Windows 10 \ 11 specific artifacts. The course includes gaining in-depth knowledge of JumpLists, Registry analysis and prefetch files and how they relate to forensic investigations and conclude with an in-depth look at OneDrive and synchronization processes between trusted devices,  SQLite forensics plays a big role in the analysis of data therefore students will gain detailed knowledge in scripting and data exploitation.

We will use a variety of open-source and leading forensic applications to examine key artifacts through multiple hands-on labs and student exercises.                 

Below are the topics covered during this hands-on intensive course:

·  Windows® 10 Artifact Overview
·       BitLocker Encryption
·       Exercises in Examination Workflows
·       Windows® Shortcuts and Jumplists
·       Windows® Timeline
·       Windows® 10 Notifications
·       Photo’s Application Artifacts
·       Edge Browser Forensics
·       OneDrive – Cloud Synchronization 

Leave a Comment