Surviving Digital Forensics: Windows Explorer

Learn how to prove file use & knowledge with evidence from Windows Explorer
3.9 (24 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
356 students enrolled
Take This Course
  • Lectures 9
  • Length 1 hour
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works


Find online courses made by experts from around the world.


Take your courses with you and learn anywhere, anytime.


Learn and practice real-world skills and achieve your goals.

About This Course

Published 7/2014 English

Course Description

All SDF courses may now be found at SUMURI.COM. This course will remain live in UDEMY for existing students.

Welcome to the Surviving Digital Forensics series. Oftentimes you will be asked to find information on a target system that shows if a user accessed certain files, the last time they did and/ or how often they did. Being able to put a picture together that answers these questions can be critical and make or break the case. In this course you will learn one method that can be used to answer these questions. Of course we will be using all low cost or no cost computer forensic tools. The course is focused on just what you need and you will be up and running in under an hour.

As with previous SDF classes you will learn by doing. The class begins with a brief overview of the method we will be using and then it is all hands on. There are three practicals in which you work with our prepared files in applying the technique as well as questions to answer about each scenario.

What are the requirements?

  • PC system (PC VM will do)

What am I going to get from this course?

  • Overview of target files used for IE History
  • Learn about the target files in IE History you can use to extract file access data
  • Learn how to organize these files to use with a freely available forensic tool
  • Learn how to use this technique to obtain the file names & file paths of user accessed files
  • Learn how to identify when a file was last accessed in IE History
  • Learn how to tell how many times a file was accessed in IE History
  • Learn how to identify accessed files from the local system and tell them apart from those on other volumes (such as external media or networked drives)

Who is the target audience?

  • Computer forensic analysts
  • IT professionals
  • Students

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.


Section 1: Welcome & Introuction

Welcome to Surviving Digital Forensics!

Section 2: About Windows Explorer Evidence

Let's begin with an overview of what we will be talking about, IE History artifacts. This background information will help you better understand what we are doing in the practicals.

Overview Quiz
4 questions
Section 3: Practicals

Just relax for this one while I go over how to set up your evidence and load it into the forensic tool.

Practical 01
1 page
Practical 02: External Media
1 page
Practical 02 Quiz
3 questions

Let's see how you did. In this module I go over practical #2.

Practical 03: Hidden Directories
1 page
Practical 03 Quiz
3 questions

Let's see how you did with this one. This module goes over practical #3.

Section 4: Conclusion

I hope you enjoyed the class!

Check out other classes of the SDF series at

Follow me on Twitter @LeclairDF to get the latest happenings of the SDF series.

Check out our Blog at

Check out our Youtube channel

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Michael Leclair, Computer Forensic Analyst

Over twelve years of experience as a Computer Forensic Analyst, author and developer of computer forensic training and analysis tools. Specialties include: Windows forensics, Mac forensics, iOS forensics, Mac Server forensics & mobile device forensics. Creator of the "Surviving Digital Forensics" series and part of SUMURI's RECON for Mac OS X development team.

Certifications include: CFCE, CISSP, CCE, EnCE, A+, Network+

Regularly instruct law enforcement, government and corporate investigators both nationally and internationally in computer forensics.

Ready to start learning?
Take This Course