In this video from our EXT4 File System Forensics by Divya Lakshmanan you learn all about the EXT4 layout. It's one of the first things you have to master if you plan on doing any file caeving or advanced forensics on EXT4. Let's dive in!
File System Forensics forms the root of any digital investigation process. Developing your skills in this area is sure to boost your confidence and propel you to navigate any investigation with ease. This course will make the esoteric nature of this topic coherent to a novice.
When I began exploring ext4 forensics, it piqued my curiosity. So much intricacy has gone into the development of the file system, leading to a number of forensic impacts. I conjured use cases and observed some interesting behaviour of the file system, which I would love to share with you. A lot of time is spent on processing information in bytes – which is definitely a drive down the road of patience! People usually shy away from data that is not intelligible to the average human. I will help you traverse through the world of bits and bytes in an enjoyable way. (Maybe we can communicate with aliens soon!)
Linux operating System is a ubiquitous one today. From servers, to desktops, to laptops, to tablets, to smartphones – Linux is everywhere. Underlying all that intelligent engineering is a file system that facilitates the handling of files on those devices. It is the container in any data storage device that handles file arrangement meaningfully. It is analogous to a well stacked, alphabetically sorted bookshelf. File System Forensics is the study about the existential behaviour of files on a storage device – which may undergo addition, modification or removal. One can think of it as a psychological study of the data storage container.
This course primarily deals with forensics on ext4, that is commonly used in Linux machines all over the globe. Ext4 is also found in a lot of IoT devices and in smart home devices. In the untoward occurrence of a forensic incident involving any such devices, the skills you get from this course would help you process them looking for evidence. File System Forensics is a sought-after skill in many investigative agencies. Here is your chance to become a “Forensics Yoda”!
At the end of the course:
- You will know how to perform file carving on EXT4, for data recovery or forensic purposes.
- You will target specific bytes of data in the ext4 file system and interpret them to gain meaningful information
- You will possess the finesse to tackle bytes (zeros and ones) fearlessly within the EXT4 layout
- You will add another badge to your skillset. File System Forensics is a must-know topic for every skilled digital forensic investigator