Computer Forensics processes and Techniques

Forensics Swiss Knife

--------------------------

May 26, 2017

First time show-up project plan is submitted

Next week: Project proposal -- Develop a real world scenario

Grade: waiting to see the deliverable next week. once submitted the grade will be high.

--------------------------

June 2, 2017:

all present. create a google share drive and upload all project artifacts in there. Wiki page must be
create.

Next week tasks:

1- The Project plan must be ready.

2- The deliverables defined in the project plan up to Jun 9, 2017 must be delivered.

3- Book Must be delivered.

4- The draft final report including: TOC, Current project proposal based on the presentation on
Moodle, lab experiment architecture based on detailed description given in meeting, swiss knife
toolkit programming language, what is included, what opensource tools will you be using, what will
be you own accomplishment, the lab scenarios, and deliverables based on the plan.

Group took a picture

------------------------------------------------------

June 9, 2017: All team members present; book is provided; the project plan is provided the
deliverable will be clearer; the tools must be uploaded to the Google drive; Wiki page will be shown
next session;

Requirements for next session: 1- based on project plan; 2: lab diagram; 3- test scenarios

Next session: June 23, 2017

Grade: 100% thanks

------------------------------------------------------

June 23, 2017: All team members are present. the scenarios and diagrams need to be more specific
and include all information regarding IP, etc. Raghav provided verbal details. please write it down
step by step including the screen shots of image, what infection? which logs? provide as more
details as possible. change the project plan as the next session will be concentrating on what the
team is going to accomplish and how? it is a group effort. grade: fair/good
next session: July 7, 2017

------------------------------------------------------

July 7, 2017: All present. Screenshots of netcat and PStool installation on Windows and running
primary commands from within windows to get dir and ipconfig output is shown. The dir and ipconfig
output is sent on port 222. the next step the team receives the traffic on kali linux and puts it on a
text file. team must come in next session only if they have followings:

1- Updated project plan with clear deliverable list. 2- The discussions in the class must be written in
a word document and step by step description and the pictures in right place including image
caption. the team must provide a report that does not need 1 hour explanation. 3- create multiple
users with different roles on windows and then login logoff and run some programs. Try to grab the
login logoff information/ usernames/ date/time in your linux machine as well as the programs that the
user ran. next session team will provide written report and live demonstration.

Grade exempted for next session

next session: July 28, 2017

------------------------------------------------------

July 28, 2017: all present. Team needs to leave and wants to exempt this session and promised to
provide good final reports on next session.

There is no grade for the month of July so team loses this but if the final report and video is very
good then the team might be able to get extra marks to compensate the month of July grade.

Next session: August 4,2017

------------------------------------------------------

------------------------------------------------------

Aug. 4, 2017: this is the first group tonight. All present. Draft final report provided. the group will
continue the scenario with uploading a malware into Windows 7 and then show the finding and then
provide a forensics report. screenshot of the Forensics process given to the students on Google
drive to create a chapter.The videos for the scenarios provided. the last scenario will have video as
well. Grade 100%

Next session will be the last session: Friday 11, 2017

-----------------------------------------------------