A forensics cyber security simulation of an investigation entitled “Football Leaks”.
This investigation will be conducted in three progressive stages, stage 1, stage 2 and stage 3, each of them exploring different cyber security forensic techniques. This simulation will help you gain hands-on experience with techniques such as file forensics, steganalysis, analysis of hard disk images, network analysis, and malware analysis.
- Stage 1: File forensics and steganalysis
- Stage 2: Analyzing hard disk images
- Stage 3: Network analysis and malware analysis
The investigation follows a sequence of events, so you should start the investigation at stage 1.
At each stage, an assignment is provided, which indicates what digital artifacts to analyze and how to analyze them. The digital artifacts are also provided. Your job is to analyze the digital artifacts and answer four questions. Justify your answers by providing all the relevant evidence you can find. Make sure to explain your hypotheses and how you have proceeded to validate them. You should write a forensic report that describes your findings.
If you are unsure how to proceed with the investigation, a detailed solution for each stage is provided.
To analyze the digital artifacts, you may use the Kali Linux distribution or the Parrot OS distribution on a forensically sound virtual machine.
- Programming (preferably Python)
- Unix
- Bash
All stage assignments and artifacts were provided by Instituto Superior Técnico; however, each stage solution was developed by us.