Dipanshu Pandey
Aug 26, 2021

How To Get Started in Digital Forensics

Hi, I am Dipanshu Pandey and this is my first blog on Medium.

In today’s blog I will discuss what digital forensics is and how to get started in it.

What Is Digital Forensics

Digital forensics, or computer forensics, is the practice of analyzing and investigating a compromised computer system to gather artifacts and recover data from any digital device relating to a criminal case.

Digital forensics is generally performed in 2 sectors: the government sector, where you are hired by the government to investigate criminal cases that involve digital evidence, and the private sector, where an organisation hires you to investigate a breach.

The diagram above shows the life cycle (procedure) of an investigation.

It is estimated that careers in digital forensics will rise by 28% till 2025.

Now let’s do the work for which you are here. Below I will list some of the best digital forensics books and some YouTube channels which you can visit to learn more about DFIR.

Books

  1. Digital Forensics with Kali Linux: Perform data acquisition, data recovery, network forensics, and malware analysis with Kali Linux 2019 -> This was the first book I read about digital forensics when I knew nothing about it. This book has super easy language, and if you don’t have any prior digital forensics knowledge and want to get a high-level overview of it, then this book is for you. I read it as my first forensics book and you can too; I guarantee you would not be disappointed.
  2. Digital Forensics and Incident Response: Incident Response Techniques and Procedures to Respond to Modern Cyber Threats, 2nd Edition -> This book gives you details about the incident response process along with some knowledge about digital forensics.

These 2 books will give you a high-level overview of DFIR. Below I list some books that give an in-depth guide to specific topics like Windows forensics, network forensics, Linux forensics and incident response.

  1. Practical Windows Forensics -> This book gives you an in-depth guide to Windows forensics and how to carve artifacts present in Windows.
  2. Practical Mobile Forensics: Forensically investigate and analyze iOS, Android, and Windows 10 devices, 4th Edition -> This is my favourite book about mobile forensics and covers both iOS and Android forensics.
  3. Hands-On Network Forensics: Investigate Network Attacks and Find Evidence Using Common Network Forensic Tools -> This book focuses completely on finding evidence using tools like Network Miner and Wireshark. It also comes with a GitHub repo which contains pcap captures of various malware activities, and the authors tell us step by step how to hunt them.
  4. Incident Response & Computer Forensics, Third Edition -> This book is also known as the Bible of incident response and gives you a very in-depth guide to the technical and non-technical procedures of incident response.

The books above focus only on digital forensics, but as a forensic investigator you should also have skills in log analysis, CTI and threat hunting, and, most important, patience.

YouTube Channels

  1. 13Cubed -> This channel explains basic to advanced concepts of digital forensics in a very easy and practical way, and I personally recommend this channel.
  2. DFIR.Science -> This channel also uploads videos related to digital forensics and other IT-related topics.
  3. SANS Digital Forensics and Incident Response -> If you want to listen to podcasts and summits and learn forensics, then this channel is for you.

Digital forensics is highly practical, so you need to practice more and more labs to get hands-on with it.

There are many TryHackMe labs related to digital forensics which are available for free to solve; you just need to apply the “Forensics” filter to see them.

After you have solved the TryHackMe labs, you can move to cyberdefenders.org, which is a bit more advanced; every challenge in it teaches you new things, and you will feel very confident after solving its labs by yourself.

Digital Forensics Is Not Only About Digital Forensic Investigation!

A digital forensics investigator also needs to perform CTI (Cyber Threat Intelligence), threat hunting, basic malware analysis and, in some cases, reverse engineering.

Above were some resources related to digital forensics which could help you get started in it and open your mind to making a career in the digital forensics field.

I hope that you liked my post, and if you have any suggestions then do comment.

My Other Articles:

  1. Article on Log Analysis by Splunk, Solving TryHackMe Juicy Details -> https://medium.com/@pandeydipanshu57/log-analysis-using-splunk-solving-juicy-details-tryhackme-92ea1b13eb0d
  2. Forensic Artifacts on Windows -> https://medium.com/@pandeydipanshu57/digital-forensics-artifacts-on-microsoft-windows-113274640d96

Thank You

Dipanshu Pandey

Hello, I am Dipanshu Pandey from India and I am a cyber security enthusiast. I am focusing more on the blue-teaming side and aiming to become a SOC in future.