ON-SCENE ROUTER INTERROGATION – Presenter Scott Lucas; second edition, recorded 06/20/2016. With the widespread availability of open wifi networks, it is increasingly likely that our bad guys may be committing their on-line crimes from locations other than their own homes. In these situations, the IP address of their activities will resolve to the location of the wifi network, and may even cast suspicion on an innocent party. Additionally, when we are executing a search warrant at a scene, we need to make sure that we have accounted for every computer, mobile devices, network attached storage devices, and anything else that may be attached to the network. This makes it vitally important that we are able to explore the inner workings of wifi routers, and understand what information may be available, where it may be located, and understand its volatility.
ON-SCENE TRIAGE OF ELECTRONIC EVIDENCE – Presenter Scott Lucas; recorded 07/28/2016. Gone are the days when we could just arrive at a scene, pull the plug on a computer tower, and take it back to the office for forensic examination. Now we must be prepared to identify a myriad of items, and we must be aware of situations which may necessitate significantly more complex and time-consuming evaluation on-scene. Valuable data can be lost forever if not collected at the correct time, in the correct manner. This webinar is intended to make investigators and responding officers aware of the types of electronic evidence that they may encounter, appropriate methods for seizing this evidence, special situations officers may encounter, and effective and appropriate tools and techniques for on-scene triage of electronic evidence.
iOS BACKUP FORENSICS – Presenter Scott Lucas, recorded 09/08/2017. Apple’s iOS runs on some of the most popular mobile devices on the planet, used by millions of people every day. There are a large number of forensic tools which can successfully extract helpful data from these devices to aid in our investigations. But what happens if the device is no longer available to us? What if the device has been destroyed or disabled in order to prevent our examination? What if the data on the device has changed, and the key piece we are looking for is no longer present? All may not be lost in these situations, because iOS device backup files are often available to us, and they can be examined just like the device itself, using a variety of tools. In this webinar, we will examine the process of creation of, the location and structure of, the data contained in, and the tools that will help us analyze iOS device backup files.
GETTING PAST THE iOS PASSCODE – Presenter Scott Lucas; recorded 06/09/2016. This webinar will explore various ways to bypass the passcode on a locked iOS device. Apple’s mobile devices are some of the most popular on the planet, and run versions of Apple’s mobile operating system, iOS. These devices often contain valuable evidence for our investigations, but this data is frequently protected by user passcodes. With the myriad of possible combinations of hardware and software versions, it can be challenging to determine if it is possible to get into a locked device, and, if so, which hardware, software or process will do the trick.
GETTING PAST THE ANDROID PASSCODE – Presenter Scott Lucas; recorded 06/23/2016. This webinar will explore various methods of gaining access to or recovering data from locked devices running the Android smartphone operating system. Millions of devices run this popular operating system, and our ability or inability to access the data that is contained on them can often make or break our investigations.
MAPPING CELLULAR TOWERS – Presenter Glenn Bard; recorded 03/17/2017. This webinar will cover the aspects of mapping cellular towers in connection with investigations. The attendee will be introduced to terminology such as Azimuth, sectors, beam widths, and latitude and longitude. The students will then be instructed on how to plot the locations in various mapping programs, how to label the orientation, identify the sectors, and also estimate a range for the towers coverage area.
SMARTPHONE DB/SQL FORENSICS – Presenter Glenn Bard; recorded 11/03/2017. This webinar will cover the aspects of extracting data from databases on Smartphones. The technology of Smartphones has changed the way forensics is done, and the mount of data stored on the devices continues to grow. A large amount of the data is being stored in files such as DB, SQL and SQLITE. Everything from website bookmarks, to voicemails dates and times, to pictures being stored in BLOB data is able to be recovered from a thorough examination. This webinar will introduce the attendee to the process of extracting data from these files, and also reveal some of the best places to look for hidden evidence.
INTRODUCTION TO CELL PHONE TECHNOLOGY FOR INVESTIGATORS – Presenter Scott Lucas; recorded 05/12/2017. Cell phones are vital components in our everyday lives, and are, therefore, increasingly likely to contain valuable evidence in our criminal investigations. But before we can begin the process of examining these devices, we need to understand the technology and terminology behind them. This webinar will assist investigators in wading through the alphabet soup of abbreviations and acronyms associated with cell phones, and provide valuable information on the types of data recoverable from these devices as well as from cellular providers.
INTRODUCTION TO VIDEO FORENSICS – Presenter Glenn Bard; recorded 12/21/2015. Video surveillance cameras, GoPros and DVRs are commonplace in society. Not only has the presence of such devices changed the way people record video, it has also changed the way police officers and investigators can help identify the suspect(s) of a crime. With the increased popularity of these devices, the responsibility to extract and/or enhance the video typically falls onto police departments. This webinar will introduce the student to the various aspects of video forensics including methods of obtaining the video by extracting it from the device, capturing the video as it plays on the device, or even networking to the device.
Each USB drive will include two versions of the video recordings of each of the webinar sessions: a high-quality .arf file (the install file for the utility needed to play this file format is also included), as well as an .mp4 version which can be viewed using most standard video players and mobile devices. Additionally, all course materials from the original live sessions will be included. These materials typically include the instructor’s presentation in both PPT and PDF form, note-taking pages, and any accompanying documents, materials or utilities that the instructor provided during the live session.
PLEASE NOTE: Only one person will be eligible to receive certificates of attendance for each USB purchased. Following submission of an order, the person who purchased the USB will receive an email asking him or her for the name and email address of the person who should be registered for the courses on the PATCtech testing portal. Once that individual has completed the training on the USB, he or she will already be enrolled in the webinars’ testing pages, and can take short content-based quizzes and print certificates of attendance for the training sessions.