Hard Disk Forensics: A Learning Guide
Requirements
- Some prior computer science knowledge will be helpful.
Description
Introduction: Welcome to my comprehensive course on Hard Disk Forensics! This course aims to provide a brief overview of all the essential concepts you need to learn to enter the world of Hard Disk Forensics. In just about 36 minutes, you will acquire a solid understanding and a map of resources to systematically learn and practice Hard Disk Forensics.
Course Overview:
In this course, I'll introduce you to a systematic conceptual model that plays a crucial role in understanding the various sub-systems analyzed in Hard Disk Forensics.
You'll learn about the basics of several key components, including Filesystems, The Sleuth Kit tools (the backbone of Autopsy), Partitions, Partition Tables, Partitioning Schemes, Data Link standards like ATA and SCSI (with a focus on ATA), and more.
Foundation for Mastery: This course will lay a strong foundation for your journey to mastering Hard Disk Forensics. With the knowledge gained, you'll be well-equipped to explore the fascinating world of digital investigations.
Systematic Conceptual Model: I'll start by defining a conceptual model with five layers:
- Application Layer
- Filesystem Layer
- Volume Layer
- Interface Layer
- Physical Layer
Understanding the Layers: Throughout the course, I'll delve into the basics of the first four layers, providing you with valuable resources to explore each layer in depth. This systematic approach will enhance your comprehension and practical skills.
Key Resource: The primary book I have referenced for this course is "File System Forensic Analysis" by Brian Carrier. This resource has been instrumental in shaping the content and knowledge shared in this course.
By the end of this course, you'll have the knowledge and tools to confidently navigate the realm of Hard Disk Forensics.
Who this course is for:
- Anyone interested in Computer Forensics.
Instructor
Nandan has established a proven track record of constructing software from scratch, whether it's a cross-platform desktop app, an Android app, a web app, a software library, or an automation script.
And his interests and skills extend well beyond software development. He has honed his proficiency in various areas, including:
- Computer Forensics (Host and Network Forensics): Nandan is well-versed in Disks and File Systems, and he possesses in-depth knowledge of various forensic tools and their internal workings.
- Reverse Engineering: Proficient in binary executable formats like COFF/PE and ELF, Nandan demonstrates skills in Memory Scanning, debugging using WinDbg and GDB, disassemblers like Ghidra (though he prefers Binary Ninja), and Windows-specific tools like Sysinternals.
- Security Engineering: Nandan's expertise ranges from Application Security (SAST and DAST) to Identity and Access Management (IAM) in an Enterprise network.