Computer Hacking Forensic Investigator (CHFI)

Module 01: Computer Forensics in Today’s World
Introduces the fundamentals of computer forensics, the role of forensic investigators, cybercrime trends, types of digital evidence, and legal compliance requirements.

Module 02: Computer Forensics Investigation Process
Covers the forensic investigation lifecycle: identification, preservation, collection, examination, analysis, and reporting of digital evidence.

Module 03: Understanding Hard Disks and File Systems
Explains storage media and file systems, including data structures, partitions, slack space, and artefacts critical for forensic analysis.

Module 04: Data Acquisition and Duplication
Details techniques for acquiring and duplicating digital evidence using forensically sound tools, ensuring integrity and chain of custody.

Module 05: Defeating Anti‑Forensics Techniques
Teaches how attackers use anti-forensic methods such as encryption, obfuscation, and data wiping, and how investigators detect and counter these tactics.

Module 06: Windows Forensics
Focuses on forensic analysis of Windows systems, including registry, event logs, ShellBags, prefetch, and other artifacts that reveal system activity.

Module 07: Linux and Mac Forensics
Covers forensic analysis of Linux and macOS systems, including file systems, logs, command histories, and system artifacts.

Module 08: Network Forensics
Explores capturing, preserving, and analysing network traffic to detect intrusions, reconstruct events, and identify malicious activity.

Module 09: Malware Forensics
Teaches how to detect, analyse, and classify malware, understand infection patterns, and extract evidence from compromised systems.

Module 10: Investigating Web Attacks
Covers forensic techniques to investigate attacks targeting web servers and applications, including log analysis and vulnerability assessment.

Module 11: Dark Web Forensics
Introduces methods to analyse activity on the dark web, including tracing Tor-based traffic, hidden services, and digital footprints.

Module 12: Cloud Forensics
Covers forensic investigation techniques for cloud environments, including evidence acquisition from AWS, Azure, and Google Cloud Platform, and virtualization artifacts.

Module 13: Database Forensics
Explores forensic evidence extraction and analysis from database systems, including transaction logs, SQL queries, and privilege usage.

Module 14: Email and Social Media Forensics
Details investigative procedures for email accounts, messaging platforms, and social media, including headers, metadata, and evidence preservation.

Module 15: Mobile Forensics
Teaches extraction and analysis of data from mobile devices, including call logs, messages, apps, and device-specific artifacts for Android and iOS.

Module 16: IoT Forensics
Explores forensic investigation techniques for Internet of Things devices, including smart sensors, embedded systems, and connected appliances.