Digital Forensics Examiner – introductory course

Title: Introductory Open Source IT Forensics
Duration: 2 weeks

Course Aim

The aim of this course is to provide participants with an introduction to Open Source forensic software to carry out basic digital forensics tasks.

The entire course has been developed to incorporate Open Source or free tools that are available in most Linux distributions. Therefore each learning objective below will be achieved using Open Source software.


This is a very practical course, and as a result, a lot of preparation must be done by students who wish to attend it. Much of the theory will be delivered as e-learning material and recapped during the two-week course in review sessions and instructor-led practicals.

No previous advanced technical knowledge is assumed. However, students should have a basic understanding of computers and common software applications and able to communicate in English

An e-learning set of activities prepares students to attend the reshaped two weeks of classroom course with practical exercises on a criminal investigation scenario with materials developed in the scenario project.

The idea behind this was to reduce the quantity of theory on the course and make it much more practical.

A small list of agenda / topics / main points

Introduction to Linux, Introduction to Computer Data, Imaging and Hashing, Partitioning & Formatting, exFAT and NTFS File Systems, Data Carving, Metadata, Browser Artifacts, Registry Artifacts. Computer Forensic Strategies, Live Data Forensics.

If you are interested in applying for this course please read the following page