This repository documents hands-on forensic investigations involving image acquisition, integrity verification, and data recovery. I utilized both Windows-based and CLI-based tools to examine evidence from different file systems.
- Objective: Conducted bit-stream image verification and mounting of an ISO image
- Skills: Hash verification, logical mounting, file extraction
- Tools: Exterro FTK Imager
- Objective: Analyzed a raw Linux .dd image to find deleted files and mount to the host computer
- Skills: Command-line forensics, recovering deleted files
- Tools: The Sleuth Kit (fls, icat, blkcat)
- Windows Image: DFTT - ISO9660 Test Image [14]
- Linux Image: Guide to Computer Forensics and Investigations Test Image