Some ways to perform computer forensics using Autopsy, Wireshark, etc.
- Analyzing the packet using Wireshark
- Capturing and analyzing network packets using Wireshark
- Creating a forensic image using FTK Imager/EnCase Imager
- Performing data acquisition using a USB write blocker + FTK Imager
- Solving the forensics case study using EnCase Investigator or Autopsy
- Using Sysinternals tools for Network Tracking and Process Monitoring:
  - Check Sysinternals tools
  - Monitor Live Processes
  - Capture RAM
  - Capture TCP/UDP packets
  - Monitor Hard Disk
  - Monitor Virtual Memory
  - Monitor Cache Memory