Skip to content
/ Digital-Forensics-investigation Public

This report was written for the Digital Forensics Analysis coursework, specifically the first assignment. In which, steps and screenshots for each investigation process are recorded.

License

MIT license
11 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sondosaabed/Digital-Forensics-investigation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
A Digital Forensics Investigation.pdf
A Digital Forensics Investigation.pdf
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Digital-Forensics-investigation

Digital Forensics investigation using FTK-Imager and Active Disk Editor

This report was written for the Digital Forensics Analysis coursework, specifically the first assignment. In which, steps and screenshots for each investigation process are recorded.

Summary

Throughout this investigation, the process was divided mainly into 4 sections. The first section is where the programs FTK and Active are introduced and the investigation is overviewed. The second section is concerned with building evidence, a virtual Hard disk drive image, and justifying why it was chosen. The third section presents the creation of a Virtual Hardisk Drive, and its partitions (primary and extended), then deleting two of them. The fourth section is about Evidence and file recovery.

Example Screenshots

  • Using FTK Imager

image

  • Using Active Disk Editor

image

About

This report was written for the Digital Forensics Analysis coursework, specifically the first assignment. In which, steps and screenshots for each investigation process are recorded.

Topics

incident-response partitioning digital-forensics file-recovery virtual-hardisk ftk-imager active-disk-editor

Resources

Readme

License

MIT license
Activity

Stars

11 stars

Watchers

1 watching

Forks

0 forks
Report repository