Where do I start? #3 Software Tools

When a student asks "where do I start" or "how do I learn about digital forensics?", the next thing to consider is the software tools you will use to learn more about this subject.

Suggestion #3 - Software Tools

As a student, you do not need to invest money in any commercial tool to learn digital forensics or cybersecurity. There are many widely used and respected free or open-source digital forensic tools. On the right side, I have already put links for many free or open-source tools. The book Digital Forensics with Open Source Tools by Cory Altheide and Harlan Carvey is an excellent reference on many of these tools and what they do. In addition to these software programs, you will need a good HEX editor. such as HxD, and familiarity with virtualization and virtual hard drives.  VirtualBox is an open-source Virtualization application. 

Some other applications that are helpful:

• Notepad++
• 7Zip
• Open Office (if you don't have access to other office suites.)

In a future post, I will go into more detail on these tools. For now, you can start downloading!

Where do I start? #2 Hardware

Suggestion #2 The Computer You Need

In my last post, I started answering the question I am most asked by college students - "How do I learn about digital forensics?"

There is good news, if you are a student just learning digital forensics or cybersecurity, you do not need a lot of expensive equipment. You will need a Windows-based computer. If you already have a MAC, of course, you do not need another computer, because you can boot camp your MAC and put Windows on it. With either of these, you will also be running Linux. You may either run it in a virtual machine or install it on your computer.

You will find it easier if your computer has at least 8 GB of RAM, 100 GB free hard drive space and the latest Windows operating system. However, honestly, you can learn with any working computer. Once you start working in digital forensic or cybersecurity, you will need a much more powerful computer and other hardware -- but that's a topic for another post.

Where do I start? #1 Books

Often when I'm asked to speak to high school and college students, they ask "where do I start" or "how do I learn about digital forensics?"  I thought I would start my blog posting by answering this question! In addition to college courses and/or professional training, there are many resources available to learn and practice your skills on your own.

Suggestion #1 - A few essential books for your library:

• The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics by John Sammons 
• Windows Forensics Analyst Toolkit by Harlan Carvey - Just be sure to get the latest edition!
• File System Forensics by Brian Carrier - An essential resource and reference book.
• Digital Forensics with Open Source Tools by Cory Altheide and Harlan Carvey

There are, of course, many other great books that I have on my bookshelf, but these are my go-to references and/or the best books to start with. I recommend starting with Sammons to get the basic concepts and then exploring from there.