Belkasoft Advanced is intended for investigators of intermediate or higher level of expertise who are already familiar with the fundamental principles of digital forensics and want to learn more advanced topics and enhance their skills in computer, mobile and cloud investigation using an all-in-one forensic solution - Belkasoft Evidence Center.
The course covers the basic digital investigation workflow and all major Belkasoft Evidence Center features. The participants will learn how to get the most out of their digital data sources, such as hard drives and disk images, smartphones, memory dumps, cloud storages, virtual machines, etc. Both "low-hanging fruits" and low-level analysis will be discussed. The participants will learn how to find hidden and deleted information and counter other anti forensics efforts using Hex, SQLite and Registry Forensics. In addition, you will learn how the facts and data are linked and what you could get from social graph analysis and analysis of running processes.
By the end of the course, you will learn how to get more work done with BEC in the most efficient manner, as well as expand your knowledge of digital forensics techniques and patterns.
Every module is accompanied by a set of practical exercises. All related questions will be answered during the training sessions. It is recommended that students first complete Belkasoft Essentials or have hands-on experience with Belkasoft Evidence Center (6+ months).
Duration: 2 days
Delivered by: online or onsite
- Introduction and Belkasoft Evidence Center overview
- Main analysis workflow, from acquisition to reporting
- Advanced analysis of Windows and Mac artifacts
- Acquisition and analysis of mobile devices
- Social graph analysis
- Hidden and deleted data analysis. Carving. SQLite analysis
- Live RAM analysis. Malware detection
- File System and Hex analysis. BelkaScript
- Exercises review and wrap-up