Curriculum
- 8 Sections
- 54 Lessons
- 52 Weeks
Expand all sectionsCollapse all sections
- Introduction to Cyber Dojo Platform3
- Chapter 1: Digital Forensics and Advanced Data Triage14
- 2.1Introduction to Windows Forensic Examiner Curriculum15 Minutes
- 2.2Windows Forensic Examiner Material5 Minutes
- 2.3The Fred Rocba Case14 Minutes
- 2.4Core Windows Forensics: Focus on Analysis49 Minutes
- 2.5Mounting Disk Images5 Minutes
- 2.6Windows SIFT Workstation VM Setup8 Minutes
- 2.7Lab 1.1: Mounting Disk Images Using Arsenal Image Mounter23 Minutes
- 2.8Memory and Triage Acquisition29 Minutes
- 2.9Introducing KAPE – Triage and Rapid Analysis Capability31 Minutes
- 2.10Lab 1.2: Triage Imaging with KAPE20 Minutes
- 2.11Lab 1.3: Mounting Triage VHDX Evidence4 Minutes
- 2.12Filesystem Overview2 Hours
- 2.13Lab 1.4: Memory Carving with AXIOM46 Minutes
- 2.14Quiz: Recovering Deleted Files60 Minutes3 Questions
- Chapter 2: Registry Analysis, Application Execution, and Cloud Storage Forensics15
- 3.1Registry Essentials40 Minutes
- 3.2User/Group Information Analysis9 Minutes
- 3.3Lab 2.1: User Account Profiling15 Minutes
- 3.4System Configuration Analysis36 Minutes
- 3.5Lab 2.2: System Profiling29 Minutes
- 3.6Analyzing User File Activity25 Minutes
- 3.7Lab 2.3: NTUSER.DAT Analysis39 Minutes
- 3.8Application Execution44 Minutes
- 3.9Lab 2.4: Application Execution Analysis37 Minutes
- 3.10Cloud Storage Forensics – OneDrive27 Minutes
- 3.11Lab 2.5: Cloud Storage Forensics – OneDrive26 Minutes
- 3.12Cloud Storage Forensics – Google14 Minutes
- 3.13Lab 2.6: Cloud Storage Forensics – Google33 Minutes
- 3.14Cloud Storage Forensics – Dropbox & Box12 Minutes
- 3.15Quiz: Registry Analysis, Application Execution, and Cloud Storage Forensics2 Hours38 Questions
- Chapter 3: Shell Items and Removeable Device Profiling7
- 4.1Shell Items Overview & Shortcut Files (.lnk)55 Minutes
- 4.2Lab 3.1: LNK Shell Item Analysis28 Minutes
- 4.3Jumplist and Shellbags51 Minutes
- 4.4Lab 3.2: Jumplist and Shellbags Shell Item Analysis49 Minutes
- 4.5USB Device Forensic Analysis40 Minutes
- 4.6Lab 3.3: USB Analysis22 Minutes
- 4.7Quiz: Shell Items and Removeable Device Profiling90 Minutes14 Questions
- Chapter 4: Email Analysis, Windows Timeline, SRUM, and Event Logs9
- 5.1Email Forensic Analysis4 Hours
- 5.2Lab 4.1: Email Forensics1 Hour
- 5.3Additional Windows Artifacts2 Hours
- 5.4Lab 4.2: Windows Timeline and Recycle Bin Analysis57 Minutes
- 5.5SRUM1 Hour
- 5.6Lab 4.3: SRUM Analysis55 Minutes
- 5.7Event Log Analysis2 Hours
- 5.8Lab 4.4: Event Log Analysis1 Hour
- 5.9Quiz: KAPE60 Minutes6 Questions
- Chapter 5: Web Browser Forensics9
- 6.1Processing Data with KAPE5 Minutes
- 6.2Lab 5.1: Automating Artifact Processing with KAPE13 Minutes
- 6.3Chrome Forensics Analysis3 Hours
- 6.4Lab 5.2: Chrome Browser Forensics58 Minutes
- 6.5Microsoft Edge and IE Forensics3 Hours
- 6.6Lab 5.3: Edge and Internet Explorer Analysis42 Minutes
- 6.7Firefox Forensics2 Hours
- 6.8Lab 5.4: Firefox Forensics43 Minutes
- 6.9Quiz: Browser Forensics — Cryptominer60 Minutes8 Questions
- Final Exam1
- Project: The Case of the Abducted Zebrafish3
