
Conference presentation materials have been released.
You can download them from Packet Storm


Filed under: Training — Administrator @ 7:43 pm

April 20, 2005

Title: Digital Investigations: Practical Digital Forensic Analysis
Trainer: The Grugq (Anti-Forensics Specialist)
Capacity: 30 pax
Seats left: 9
Duration: 2 days
Cost: (per pax) RM1800 (early bird) / RM2200 (non early-bird)



As the number of IT security incidents increases month upon month, the need for effective digital investigation techniques grows. This course teaches students how to conduct a successful digital forensic investigation, and builds a solid base of knowledge for further learning. Using a task-oriented approach, students will learn digital forensic analysis techniques and methodologies which can be applied immediately. During the course, strong emphasis is placed on technical understanding and skills.

The core curriculum of the course revolves around multiple File System Intensive sessions, focusing on file systems used on both Windows and UNIX/Linux platforms such as NTFS and Ext2FS. These File System Intensives use a combination of lectures and task-oriented hands-on lab exercises to instruct and reinforce the deep, low-level, file system knowledge crucial for effective digital forensic analysis and investigations. The lab exercises will teach core skills, such as how to:

* seize and preserve digital media
* recover deleted files (both manually and with tools)
* uncover evidence of tampering
* build a time-line

Each File System Intensive concludes with a sample investigation, reinforcing the skills developed within the course and building an understanding of how to successfully conduct a real investigation.

During the File System Intensive sessions, students will learn about the forensic analysis process, as well as the techniques and methodologies necessary for successful digital forensic investigations.


Students should be comfortable using Linux as an operating environment. Students will be assigned machines (desktops) in pairs. Each machine will include a Linux installation, including X Windows. Development tools (e.g. gcc, make) will be installed; however, no development experience is required. All tools will be provided on CD-ROM.

About The Grugq

The Grugq has been at the forefront of forensic research for the last six years, during which he has been pioneering in the realm of anti-forensic research and development. During this time, he has also worked with a leading IT security consultancy and been employed at a major financial institution. Most recently he has been involved with an innovative security software development start-up company. Currently the Grugq is a freelance forensic and IT security consultant. While not on engagements, the Grugq continues his research on security, forensics and beer.


Event Organizer

Hack In The Box (M) Sdn. Bhd.
