Summer Forensic Workshop (Live onsite – Huntington, WV) – July 2024
3-day Advanced Workshop
Day 1 Overview
Windows 11 Forensic Update
In this one-day workshop you will be exposed to the latest advancements in digital forensics within the Microsoft Windows® 11 Operating System. This specialized day delves into the newest forensic artifacts, updated system configurations, and enhanced analysis techniques tailored for Windows 11 environments.
Throughout the day, participants will navigate through a comprehensive review of Windows 11 features, dissecting updated artifacts and exploring novel user data locations. Dive deep into the analysis of new virtualized applications, gaining invaluable insights into the evolving landscape of digital investigation on Windows 11.
Highlighted topics include the examination of traditional artifacts such as, OneDrive, BitLocker and SandBox environments, alongside an exploration of application artifacts specifically tailored for Windows 11. Participants will gain invaluable insights into the modifications and enhancements introduced in the latest OS iteration, enabling them to adapt their forensic methodologies accordingly.
Day 2 Overview
UAV (Drone) Forensic Workshop
Embark on an immersive journey into UAV digital forensics with our one-day workshop, tailored for intermediate-level participants seeking hands-on expertise in extracting and analyzing data from Unmanned Aircraft Systems (UAS), colloquially known as Drones, and their associated control devices.
Developed by Spyder Forensics, this course delves into the intricacies of UAV technology, equipping attendees with the knowledge and skills to conduct forensically sound extractions and analyses of UAS data following incidents involving drones.
Through a blend of theoretical insights and practical demonstrations, participants will learn to perform non-destructive data extractions from within the aircraft and control devices, leveraging industry-standard tools to create comprehensive forensic collections. This collection will encompass crucial data such as flight logs, aircraft data, photos, and videos, all without the need for dismantling the aircraft or controller.
Upon acquiring data, attendees will delve into advanced analysis techniques, mastering the interpretation of flight logs and user data using specialized software designed for UAV structures. Moreover, participants will gain insights into workflows facilitating seamless connection between drone applications and flight data retrieved from the aircraft.
Throughout the workshop, all software utilized will be readily available for application within DFIR labs at no additional cost, ensuring attendees can seamlessly integrate their newfound skills into their forensic practice without additional financial outlay.
Day 3 Overview
SQLIte Forensic Fundamentals
Dive deep into the realm of database forensics focusing on SQLite database analysis. SQLite stands as a ubiquitous relational database management system, cherished by developers for its standalone functionality, simplicity in setup, management, and minimal resource requirements. In today’s digital landscape, where most mobile applications and mainstream web browsers rely on SQLite databases for storing crucial user data, it’s imperative for forensic examiners to possess adept skills in navigating this widely-used format.
This one-day workshop is meticulously crafted to equip participants with a comprehensive understanding of relational databases and the nuances of SQLite exploitation. Through hands-on exploration, attendees will delve into the intricacies of extracting and deciphering information housed within SQLite tables, especially when conventional forensic tools may fall short.
Throughout the day, participants will engage in practical exercises, utilizing various techniques to extract and interpret data stored within SQLite data files. By working with the results from commonly-used applications, attendees will solidify their understanding of SQLite fundamentals and lay a strong foundation in forensic techniques essential for effective SQLite analysis.
Students will use a variety of open source and leading forensic applications to examine key artifacts through multiple hands-on labs and student practicals.
What you will receive:
Printed course manual · Access to the Spyder Forensics Academy · Course certificate