Overview on digital forensics

Null presentation on scenario-based digital forensics concepts


  1. Overview on Digital Forensics. Pardhasaradhi, 9948421964, @pardhuc
  2. Digital Forensics: What, Why, Where, When, How
  3. Digital Forensics Methodology: Reporting, Collection, Preservation, Processing, Analysis, Production
  4. Areas Covered
  5. Forensic Suite
  6. Terminology: Hashing, Deduplication, MBR, MFT, Slack space, Unallocated space, Unused space, Wipe, Carving, MAC
  7. Scenario: A company named XYZ suffered a loss after its source code was released into the public domain. Company management believes it is because of one of their employees, who has been identified with suspicious activities for the past week. They hire a forensic expert for the internal investigation.
  8. Acquisition
  9. Demo
  10. Processing: Technique is more important than the software
  11. Demo
  12. Analysis. Areas that need to be covered: Memory dump, Registry, Internet history, Files stored in the asset, etc. Tools: Any tool can be used as long as the procedure followed and the functionality of the tool are explained when and where required (open source, commercial, proprietary).
  13. Demo
  14. Production: Gathering all the findings and arranging them in a systematic manner with all metadata. Reporting: Writing reports is important in itself.
  15. Demo
  16. References: www.Pardhasaradhi.info, Guidance Software, AccessData, Sleuth Kit, DEFT Linux, Test Images & Challenges, Communities, Materials
  17. root@pardhasaradhi.info, Twitter: pardhuc, Mob: 09948421964
