Web and Mobile Forensics Training Course


Web and mobile forensics refers to the recovery of evidence from the web or a mobile device under investigation.

This instructor-led, live training (online or onsite) is aimed at technical persons who wish to use digital forensics tools and techniques to detect, extract, decode, analysis, interpret and report evidence recovered from a website or mobile device.

By the end of this training, participants will be able to:

  • Understand and apply different forensic acquisition techniques to inspect web and mobile data.
  • Select the most effective forensic tools to web and mobile data.
  • Understand how to access and decode different types of data structures in web servers, databases, and mobile phones for analysis.
  • Methodically extract, reconstruct, and inspect data as potential evidence of cybercrime.
  • Understand the legal implications of surrounding digital forensic analysis.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.


  • An general understanding of computer security.
  • An understanding of data structures.


  • Network engineers
  • Security professionals
  • Forensic investigation professionals
  • Developers

Course Outline


  • The need for digital forensics experts

Cybercrime and its Socioeconomic Impact

  • Identity theft, cyberbullying, data leakage, distributed denials of service, malware attacks, etc.


  • Speed, volume, complexity, file formats, privacy, legality

The Anatomy of a Cyberattack

  • Tools, programming frameworks, services

Case Study: Ransomware Construction Kits on the Darkweb

Defensive Measures

  • Encryption, obfuscation, information hiding, etc.

Forensics Analysis

  • Tools and techniques
  • Third-party applications

Web Forensics

  • Stored data and filesystem analysis, network forensics, and reverse engineering
  • Accessing remote servers
  • Accessing applications and containers
  • Server File Structures: files, databases, etc.

Mobile Forensics

  • Stored data and filesystem analysis, network forensics, and reverse engineering
  • Acquiring the Physical Devices
  • Handling locked devices
  • Mobile File Structures: Android and IoS

Retrieving User Activity Information

  • Extracting and parsing data

Inspecting Datasets

  • Traces, network traffic, log files, etc.

Reconstructing Evidence

  • Detecting and recovering deleted data
  • Automation and its shortcomings

Decoding Evidence

  • Decompiling malware and spyware

Detecting Malware and Spyware

Analysis and Reporting

Legal Considerations

  • Admissibility of evidence in court

Summary and Conclusion

Leave a Reply

Your email address will not be published. Required fields are marked *