Course Objectives
Students will understand the general idea and best practices of evidence gathering. They will be able to perform memory dumps, analyze them and recognize indicators of compromise. Students will also learn how to dump and analyze forensic data from disks, and how to properly extract as well as interpret evidence.
- Evidence Gathering
- Memory: Dumping and Analysis
- Memory: Indicators of compromise
- Disk: dumping & analysis
- Disk: extracting and interpreting evidence
Course Content
- 8 hours of live workshop
- Demo-intensive content from real case scenarios
- 12 months access
- Discord community access
- Pre-work assignment
- Live-workshop and access to the recording
- Home assignment
- Small exam (50€ extra each)