This repository showcases my coursework for CIS2711 β Fundamentals of Digital Forensics (2024β2025), completed as part of my BSc (Hons) Computing (Networks, Cyber Security & Forensics) degree at Edge Hill University.
It demonstrates my ability to perform forensic acquisition, evidence analysis, password recovery, and steganography detection using industry-standard tools.
Focus: Conducted a forensic analysis of an insider data-leak scenario and investigated encrypted evidence.
Highlights:
- Analysed Outlook PST emails to reconstruct a spear-phishing data-exfiltration chain
- Documented a complete chain of custody and metadata timeline
- Used CyberChef, Autopsy, and Hashcat to analyse log evidence and recover encrypted files
- Demonstrated evidence integrity using MD5/SHA-256 hashing
π Download Task 1 β Data Exfiltration Report (PDF)
π Download Task 2 β Evidence Integrity & Recovery (PDF)
Focus: Performed a full forensic case investigation into academic-fraud allegations using the ADAM model, NIST SP 800-86, and ACPO guidelines.
Highlights:
- Forensically imaged and analysed a suspect USB in Autopsy
- Extracted hidden documents using OpenStego and decrypted Excel files with John the Ripper
- Reconstructed financial evidence linking the suspect to illegal sales of academic work
- Produced a professional report covering ethical and legal responsibilities under UK law (GDPR, Computer Misuse Act 1990)
π Download Coursework 2 Report (PDF)
- Autopsy β Digital forensic analysis
- CyberChef β Log analysis & regex filtering
- OpenStego β Steganography detection
- John the Ripper / Hashcat β Password recovery
- NIST SP 800-86, ADAM Model, ACPO Principles
- MD5/SHA-256 hashing, chain of custody, reporting ethics
π« Author: Thomas Mason
π BSc (Hons) Computing β Networks, Cyber Security & Forensics
π LinkedIn