ＨｉｄｅＺｅｒｏＯｎｅ

We are now living in a Big Data world – billions of devices communicating over millions of networks and generating petabytes of data, both at rest and in transit! Security professionals now encounter Big Data in the form of large log files, network traffic captures, forensics of large images and exports from security tools and products. In this course, we will look at how to analyze, mangle, transform and visualize data to derive interesting insights and intelligence from it.

Pandas is a Python library which is part of SciPy scientific computing ecosystem. In simple terms, Pandas provides powerful data structures to perform data analysis. As dry as this might initially sound, due to the high level of abstraction provided by its powerful API, Pandas allows us to do really complicated analysis with just a few lines of Python code.

In this course, we will go through the basics of Numpy, a deep dive into Pandas Series and Dataframes and how to analyze data with it. The case study used is analysis of Wi-Fi networks using Airodump-NG’s output file for a relatively large network with hundreds of devices.

The PowerShell For Penetration Testers (PFPT) is an online course designed for teaching PowerShell to penetration testers, system administrators and other security professionals. You will be able to use and write tools in PowerShell which is installed by default of all modern Windows operating systems. The course will be of interest for anyone who wants to know more about using PowerShell for security research, penetration testing and red teaming. The course covers various phases of a penetration testing and PowerShell is used to enhance techniques in the each phase.

WinDbg is the most popular Debugger for Windows. In this course, we will look at how WinDbg can be used for both User and Kernel mode debugging. We will learn how processes and threads work on Windows, and how we can examine memory, modify registers & data, disassemble code etc. among other things. We will also learn a bit of Windows internals, kernel data strucutres and how to analyze rootkits and other malicious code in the form of device drivers.

Airodump-NG Scan Visualizer allows you to filter, sort and visualize Airodump-NG scan data. The tool currently uses the CSV file generated by Airodump-NG with the -w option and can work locally or as a hosted service.

PCAP2XML is a tool suite which takes 802.11 PCAP trace files as input and can convert them into XML or SQLITE representations. This allows a pentester to run arbitrary queries on the packet header fields.

This course will cover USB in detail with an emphasis on understanding USB Mass Storage devices (also known as flash drives or thumb drives).By the end of this course students will know how to sniff USB traffic using open source tools, be able to write-block USB mass storage devices using software and microcontroller-based hardware, be able to impersonate other USB devices, and understand how to make forensic duplicates of USB mass storage devices.  Along the way students will also learn how to use microcontrollers and Udev rules.