Advanced Applied Database Forensics (Live On-Site, Largo, FL 2024)

5-day Advanced Course – Live on-site

Course Overview

Learn to use various applications and utilities to successfully identify, process, understand and exploit numerous database structures found on iOS, Android, Windows, and Apple systems.

Students will gain knowledge of how relational databases function in the storage of records and fields of information to support a front-end application.  SQLite will be covered in detail where the attendee will learn how to recover deleted information from Free Pages and unallocated space within the primary and journal files using scripting techniques.  Additional databases will then be examined including ESE, LevelDB’s and Binary Plists.

Students will examine data from a host of systems including Mac, Windows, Android, iPhone.

We will use a variety of open-source and leading forensic applications to examine key artifacts through multiple hands-on labs and student exercises. Throughout the weeklong course topics will include:

• Relational Database Fundamentals
• Examination of the SQLite Databases at the physical level
• Examination of SQLite B-tree Pages
• The exploitation of Overflow Pages, Freelist Pages, and Rollback Journals
• Analysis of Write-Ahead Logs (WAL) and Database Schemas
• Extensive exercises in using SQLite Query Language
• Extensive scripting of chromium based browser SQLite databases
• Deep Dive into LevelDBs and extraction of meaningful data
• Introduction to Apple Plist and forensic analysis

The course will follow adult learning principles through training aids such as presentations, diagrams, and practical instructor lead examples.  Each artifact covered will be presented in either one or two 50-minute sessions followed by review questions.  Students will be given the opportunity throughout the course to ask questions and discuss objectives covered in more detail.  Throughout each day students will have practical exercises to work on to reinforce the topics.

Students will examine data from a host of systems including Mac, Windows, Android, iPhone.

We will use a variety of open-source and leading forensic applications to examine key artifacts through multiple hands-on labs and student practicals.

What you will receive:

Printed course manual · Student USB  · Access to the Spyder Forensics Academy · Course certificate – Optional self-packed test post course completion

Course cost: $2,995

About the Trainer

Damien brings 12 years of eDiscovery & digital forensics experience to Spyder Forensics. He has extensive experience working with fortune 500 companies advising both legal and IT departments on all aspects of eDiscovery. With his technical knowledge and problem-solving skills, Damien is a proven eDiscovery workflow specialist and has helped numerous organizations identify cost savings while optimizing their eDiscovery processes. Before joining Spyder Forensics, Damien was a Managing Consultant at AccessData where he managed eDiscovery and digital forensics projects and provided services to companies in various industries including the Health Care, Energy, and Financial industries. Prior to that, Damien was a Computer Crime Specialist at the National White Collar Crime Center where he conducted digital forensic research and performed software validation studies on digital forensic software.