Brett's Blog

Just some ramblings.

WinFE online is done, except for a few little things

As with everyone, when you think you have time and make plans, a dozen interruptions will delay even the most determined.  But, the WinFE online course is practically done except for:

1) latest build of Mini-WinFE being tested first to incorporate into the course (with UEFI support and a few other goodies)

2) reviewing the entire program (a volunteer is waiting for me to send him the link, after the Mini-WinFE testing is done..)

Not to say I got a little wild with this weekend project, but yeah, I got a little wild.  A short YouTube video intention evolved into a lot more.  In fact, every piece of downloadable WinFE related wallpaper, script, program, and links to anything I cannot personally distribute is in the program.

Until I push the button to release the course, it's vaporware, just like the write protect tool was vaporware before it was completed.  But the course sequence that is completed already is listed below.  If there is anything not listed that you have wondered about, speak up now or I will not know what may be missing.

I covered every major build method with videos (and downloadable guides when appropriate).

Introduction to the Course

WARNINGS!

I. Forensic Booting of Evidence Computers

II. Forensic Boot Operating Systems

Intro to Forensic Boot Systems

Linux Forensic Operating Systems

Windows Forensic Environment (Windows FE, WinFE)

III. WinFE Basics

Creation and development of WinFE

WinFE Write Protection Tool

Disk Management & DiskPart

WinFE and Your Forensic Software

IV. WinFE Validation

V. Building the Windows Forensic Environment

Building the Basic WinFE

Building WinFE with WinBuilder

Building WinFE Lite

Building Mini-WinFE

Building the Windows Triage Environment

Building a MultiBoot WinFE

VI. Using WinFE

Forensic Data Collection (file copying, disk imaging)

Triage and Preview

Remote Booting and Collections

Onsite Forensic Analysis

Covert Collections/Sneak and Peeks

WinFE as an Electronic Discovery Tool

WinFE and Disk Encryption

WinFE as an Educational OS

VII. Wrapping Up with WinFE

Summary

WinFE Qualification Exam

 

Don't blame me...
Digital Forensics Book of the Year!

Related Posts

 

Comments 2

Guest - Allison Goodman on Thursday, 05 June 2014 12:21

Wow Brett - once again you leave me speechless with all of your work. Thank you so very much. WinFE is a huge part of our arsenal and I can't thank you and Troy enough - and everybody else that has contributed to this wonderful project.

0
Wow Brett - once again you leave me speechless with all of your work. Thank you so very much. WinFE is a huge part of our arsenal and I can't thank you and Troy enough - and everybody else that has contributed to this wonderful project.
Guest - Brett Shavers on Thursday, 05 June 2014 12:55

WinFE is neat. The online course (lessons and everything) is more than enough for the newest person in forensics to work with, build a WinFE, and use it. If I were still teaching forensics at the U, I'd have the students go through this entire course. Hopefully the weekend will be free from other duties to get this done...

0
WinFE is neat. The online course (lessons and everything) is more than enough for the newest person in forensics to work with, build a WinFE, and use it. If I were still teaching forensics at the U, I'd have the students go through this entire course. Hopefully the weekend will be free from other duties to get this done...