Emulation vs Simulation - What the WAN is the Difference? (by DC Palter)
Wireshark Transum Quickstart (by Tony Fortunato)

How did you learn what you know? (by Casey Mullis)

There are things that cannot come from a class room or a large bill for a college education. Where can one learn things that a book cannot teach? LIFE, this gives us a lesson that can never be taught in a class room or a book. Common Sense cannot be taught, it is learned through ones walk in life. If it were teachable, we would not have the issues in life that we face today in this world. What is life day to day if not many lessons?


In the world of computer forensics, it seems all things are so costly. Most of us cannot afford to pay for high end training. We are here today to introduce you to another free item to help you along your way. Yes, we are going to be hosting a class in the near future regarding WinFE, but today we want to introduce you to Windows Forensic Environment.

This is a GREAT; please allow us to stress “Great” as we mean it as an end user, introduction to WinFE. You do not have to pay for the class. It is FREE to all who wish to get a better understanding of WinFE. Granted not all of us learn this way but we can assure you as we have completed the course as the image below stands as our proof of this.


Not every situation calls for Linux or maybe you are just a Windows User. Who knows other than you, yes you who are reading this? We cannot tell you how best you learn or use computer forensic tools. Only you know that answer. What we do to help each other is give every opportunity to learn.

We give you our word as computer forensic examiner(s) and human beings that the WinFE course listed in this article is worth the time to go through. We do add, this course mentions CAINE and the live side. We are the developer of the live side for CAINE, so we hope that this gives a little more reliance on this article of WinFE training.


Life is simple, we as humans complicate it. What is it we cannot do or achieve? Only the things we say we cannot do or achieve. We want to promise you that this is well worth your time as a computer forensic examiner, to complete this course. The developer of the course covers many fascist of the tool as well as others like CAINE and DEFT.

FTK Imager is covered in this training. Why, because it is a great tool in and of itself. We must give thanks to Accessdata for another great tool. This should show you as the reader of this, there are many tools out there for our use to get the job done, that does not cost an arm and a leg. There are many tools for free with a little time and research.

So please go to the site and give the course a shot, it is only going to help you.



Author - Emory Mullis has been in Law Enforcement for roughly 19 years including military and civilian law enforcement. He started learning about computers back when Gateway 266 MHz was the top of the line and cost about $2000.00.Right out the box, I was compelled to take my new found 266 apart. Why I have no idea other than pure curiosity. Once I had the computer out the box and on the floor in pieces, my wife walked in. Trust me people; this was not a good thing! Either way I got a good understanding at this point on how a computer is put together and / or the components inside. This was my starting point with computers and I still hear my wife in the back ground “It better work when you put it back together!” That was my humble beginnings as a Cyber Investigator. Now with many Cyber cases under my belt, I have learned that you must question, challenge and test almost daily to keep up with all the new tools, software, computers and cell phone formats to be able to forensically acquire evidence and it is a real challenge. I enjoy the challenge and look forward to learning more every day!