CSI Learn is a collaboration between leading digital forensic investigation & training providers.

All our courses have been taught in a classroom setting to 100's of Law Enforcement officers, Government and Corporate investigators in 15+ countries.

Learn more »

This is a hands on, practical and immersive course suitable for those who use the internet to conduct open source investigations or intelligence research. Learners will undertake a number of practical exercises throughout with a final exercise using the skills developed throughout. The course is aimed at professionals experienced in their fields but new to internet investigations or experienced researchers who want to make sure that their work can withstand legal scrutiny. Read More

The course is designed for Hi-Tech Crime Units and other digital investigators who want to leverage RAM to acquire evidence or intelligence which may be difficult or even impossible to acquire from disk.  The course does not focus on the complex structures and technology behind how RAM works but rather how an investigator can extract what they need for an investigation quickly and simply. An extraordinary course which has opened up a whole new world of evidence gathering - UK Metropolitan Police Officer This course has been taught in a classroom format to 100's of investigators in over a dozen countries and receives rave reviews. The best computer forensics class I've ever taken - Swedish Police Officer We use professionally shot video, screen capture and high quality audio combined with whiteboard animations, quizzes and interactive sections to maximise your learning and retention. The course is designed to be fully hands-on, it is vital that the student follow along with each section and so would benefit from having 2 screens if possible.  The class should take around 18 hours to complete if you try each command, complete the practicals and take the final exam. To sit this course in a classroom with Nick Furneaux teaching costs around £1850 (UK), however you can now enjoy the class from the comfort of your own computer for just £950 (UK).  If you are Government or Law Enforcement please contact me via the contact page on www.csitech.co.uk for a discount code. Take this class!  You will never look at computer memory the same again - Investigator for European Bank Syllabus Approaching the Live Scene Live RAM imaging (Cmd line and GUI based) Imaging Windows RAM Volatile data acquisition Live Disk imaging Creating and scripting your own USB based toolkits Scripted disk and RAM imaging Quick Wins - what can we do with a RAM dump quickly Advanced Memory analysis Extraction of bespoke file types Extraction of Internet History Extraction of Skype chat and other data Extracting data from Hiberfil and Crashdump files Understanding running processes and how they can help an investigation Enumerating network sockets and connections Finding and carving files for each process Reconstructing the Internet History Carving and investigating network packets Extracting executables from memory samples Virus checking RAM dumps Registry analysis Location and extraction of specific registry keys Extracting the SAM and decrypting passwords Decryption of Truecrypt Finding other plain text passwords passwords Cracking the OSX keychain Imaging Linux RAM Linux RAM analysis section Imaging Intel Mac’s (OSX) OSX RAM Analysis section Real world practicals Loads more….. What will you need? You will require a Windows computer or Virtual Machine.   2 monitors is useful but not essential. You will need to be able to install programs. You will need a browser such as Firefox installed. You will need access to the command shell (locked down on some corporate machines) A pen and paper is useful. Read More

Shopping Cart

Your cart is empty