Left4Code

Digital Forensics Using Linux

This whole page is currently subject to change, I'm figuring things out.

This "Course" will be formatted in such a way where you can view any section you want, I'll provide what you need to know at the top of it, and it's up to you if you want to follow that advice or not.


[*Note*] This course got it's list of tools from this Tsurugi Linux page if this course ever becomes outdated (probably will unless I do community-submitted git integration) you can always find an updated list of tools there.


[*Also Note*] Everything with a "[✅]" means the section exists and "[❌]" means it does not. [🛠️] means I'm currently working on it.


Filesystem Imaging & hashing

Data Acquisition

Logfile Locations on Win & Lin, & Reading Logfiles

Memory Analysis

Common Types of Steganography & Detection

Network Forensics

Blockchain Forensics

Metadata forensics

Putting Together a Timeline & Report