ogmini - Exploration of DFIR

Having fun while learning about and pivoting into the world of DFIR.


5 March 2025

Expectations vs Reality - Digital Forensic Science Master's Degree Part 4

by ogmini

Continuation from Part 3 looking back at my coursework in the Master’s Degree in Digital Forensic Science. In this post, I’ll be talking about DFS-520 Operating System Analysis.

DFS-520 Operating System Analysis

I enjoyed this course, as it reminded me of many concepts I learned in the Operating Systems Design course during my undergrad in Electrical and Computer Engineering. In that course, we worked on implementing our own file system and it was interesting to tie that back to a digital forensics viewpoint.

The labs in the course relied on the 2018 Lone Wolf Scenario from Digital Corpora. We had to write formalized reports to present our findings. Each separate lab methodically built upon knowledge from previous labs and used different tools. The work ranged from looking for deleted files to browser artifacts and memory analysis.

This methodical approach and report writing is something that has stuck with me as a very important skill to learn and hone. This was really highlighted for me during my recent participation in the Magnet Virtual Summit 2025 CTF. I can always improve, and the only way to improve is to practice. CTFs and other challenges can provide that practice.

Software Used

  • Autopsy
  • ShadowCopyView
  • Volatility 3
  • Timeline Explorer
  • ChromePass
  • Hindsight
  • Magnet AXIOM
  • RegRipper
tags: coursework