ＨｉｄｅＺｅｒｏＯｎｅ

EC-Council’s Hacking Forensic Investigator (C|HFI) is the only comprehensive ANSI accredited, lab-focused program on the market that gives organizations vendor-neutral training in digital forensics. C|HFI provides its attendees with a firm grasp of digital forensics, presenting a detailed and methodological approach to digital  forensics and evidence analysis that also pivots around the Dark Web, IoT, and Cloud Forensics. The tools and techniques covered in this program will prepare the learner for conducting digital investigations using ground-breaking digital forensics technologies.

Syllabus

Module 01: Computer Forensics in Today’s World

Module 02: Computer Forensics Investigation Process

Module 03: Understanding Hard Disks and File Systems

Module 04: Data Acquisition and Duplication

Module 05: Defeating Anti-Forensics Techniques

Module 06: Windows Forensics

Module 07: Linux and Mac Forensics

Module 08: Network Forensics

Module 09: Investigating Web Attacks

Module 10: Dark Web Forensics

Module 11: Database Forensics

Module 12: Cloud Forensics

Module 13: Investigating Email Crimes

Module 14: Malware Forensics

Module 15: Mobile Forensics

Module 16: IoT Forensics

EC-Council: Computer Hacking Forensic Investigator (CHFI v10)

Unlock the secrets of Windows forensic investigation with my new course! I took my years of experience creating videos on the 13Cubed YouTube channel and set out to develop affordable, comprehensive, and professional training. Whether you’re looking to get into the field, already work in the field but want to step up your game, or just have an interest in digital forensics, look no further. This course is for you!

Syllabus

Welcome and Introduction
Initial Setup
Windows Event Logs
The Registry
Evidence of Execution
Persistence, Privilege Escalation, and Lateral Movement
Anatomy of NTFS
File Deletion and Recovery
LNK Files and Jump Lists
Additional Content
Knowledge Assessment

Investigating Windows Endpoints

If you’ve taken Investigating Windows Endpoints (or already have the equivalent knowledge), this is a natural continuation of the content that deep dives into Windows memory forensics. Learn the foundations of how Windows memory is structured, how to acquire memory, how to analyze memory images using Volatility, MemProcFS, and WinDbg, and more! This is for you.

Syllabus

Welcome and Introduction
Initial Setup
Foundations of Memory Forensics
Acquiring Memory
Poor Man’s Memory Forensics
Memory Analysis with Volatility
Malware Memory Analysis with Volatility
Memory Analysis with MemProcFS
Malware Memory Analysis with MemProcFS
Introduction to WinDbg
Additional Content
Knowledge Assessment

Investigating Windows Memory

FOR528: Ransomware and Cyber Extortion provides the hands-on training required for those who may need to respond to ransomware and/or cyber extortion incidents. The term “Ransomware” no longer refers to a simple encryptor that locks down resources. The advent of Human-Operated Ransomware (HumOR) along with the evolution of Ransomware-as-a-Service (RaaS) have created an entire ecosystem that thrives on hands-on the keyboard, well-planned attack campaigns. Furthermore, some cyber extortion actors carry out the full attack lifecycle yet skip the encryption phase. How do you deal with these threats? Our course uses deftly devised, real-world attacks and their subsequent forensic artifacts to provide you, the analyst, with everything you need to respond when either threat becomes a reality. 13 labs + Final day CTF

FOR528.1: Ransomware Incident Response Fundamentals
FOR528.2: Ransomware Modus Operandi
FOR528.3: Advanced Ransomware Concepts
FOR528.4: Ransomware Incident Response Challenge

FOR528: Ransomware and Cyber Extortion

FOR518 is the first non-vendor-based Mac and iOS incident response and forensics course that focuses students on the raw data, in-depth detailed analysis, and how to get the most out of their Mac and iOS cases. The intense hands-on forensic analysis and incident response skills taught in the course will enable analysts to broaden their capabilities and gain the confidence and knowledge to comfortably analyze any Mac or iOS device.

Syllabus

FOR518.1: Mac and iOS Essentials
FOR518.2: File Systems & System Triage
FOR518.3: User Data, System Configuration, and Log Analysis
FOR518.4: Application Data Analysis
FOR518.5: Advanced Analysis Topics
FOR518.6: Mac Forensics & Incident Response Challenge

FOR518: Mac and iOS Forensic Analysis and Incident Response