The goal of the Digital Forensics Tools and Techniques course is to prepare students for understanding and handling the different artifacts of cybercrime in a legally structured manner.

Note: Lecture and lab slides are in Serbian.


  1. Forensic objectives and principles
  2. Forensic media preparation
  3. Write blockers
  4. Acquisition of media
  5. Digital chain of custody
  6. Basic forensic document analysis
  7. Internet and web artifacts analysis
  8. Forensic recovery
  9. Mobile device forensic
  10. Documents and reports
  11. Presenting evidence
  12. ISO 27037 and DCoC

Labs and projects

  1. Investigating data streams
  2. File storage dates and times
  3. File deletion/recovery
  4. Recovering Internet Usage Data
  5. Recovering: Swap Files/Temporary Files/Cache Files
  6. Preservation and safe handling of original media
  7. Making bitstream copies of original media
  8. Word document forensics and password cracking
  9. Practical use digital forensics tools: Forensic TookKit (FTK)
  10. Practical use digital forensics tools: Autopsy
  11. Practical use digital forensics tools: Mobile device forensics


  1. Årnes A. (2018). Digital Forensics. John Wiley & Sons Ltd.
  2. Parasram S. V.N. (2017). Digital Forensics with Kali Linux. Packt Publishing.
  3. Johansen G. (2017). Digital Forensics and Incident Response. Packt Publishing.
  4. Dragičević D. (1999). Kompujterski kriminalitet i informacijski sustavi. Zagreb.