Tag: Digital Forensic

This course will familiarize students with all aspects of Windows forensics. By the end of this course students will be able to perform live analysis, capture volatile data, make images of media, analyze filesystems, analyze network traffic, analyze files, perform memory analysis, and analyze malware for a Windows subject on a Linux system with readily available free and open source tools. Students will also gain an in-depth understanding of how Windows works under the covers.

Pentester Academy – Windows Forensics


This course will familiarize students with all aspects of Linux forensics. By the end of this course students will be able to perform live analysis, capture volatile data, make images of media, analyze filesystems, analyze network traffic, analyze files, perform memory analysis, and analyze malware all on a Linux system with readily available free and open source tools. Students will also gain an in-depth understanding of how Linux works under the covers.


This course will cover USB in detail with an emphasis on understanding USB Mass Storage devices (also known as flash drives or thumb drives). By the end of this course students will know how to sniff USB traffic using open source tools, be able to write-block USB mass storage devices using software and microcontroller-based hardware, be able to impersonate other USB devices, and understand how to make forensic duplicates of USB mass storage devices. Along the way students will also learn how to use microcontrollers and Udev rules.


Dark Web Forensics Deep Dive For Ethical Hackers. In this workshop you will be given a tour of the dark web and walked through the technical details of how it works. You will get hands-on experience conducting dark web investigations, including how to identify relevant information and how to investigate it. This training is useful for any forensic investigator but is particularly interesting to those trying to trace data leaks, financial crimes, and cyber-related crimes. This workshop includes hands-on labs.



Have you ever wanted to learn how to perform digital forensics activities after an intrusion? The Digital Forensics Professional Learning Path will teach you how to identify and gather digital evidence as well as retrieve and analyze data from both the wire and endpoints. The Digital Forensics Professional Learning Path also prepares you for the eCDFP exam and certification.

This course is part of the Digital Forensics Professional Learning Path, which prepares you for the eCDFP exam and certification.

Learning path at a glance:

  • Learn how to acquire volatile and non-volatile data, using various techniques
  • Dive into the structure of files and then, analyze file headers, malicious documents, and file metadata
  • Become familiar with walking through partitions, recovering corrupted disks, and locating hidden data
  • Learn how to analyze both FAT & NTFS file systems
  • Get familiar with file carving and creating your own custom carving signatures
  • Learn how to analyze the Windows registry, LNK files, prefetch files, and previously mounted USB devices
  • Learn how to perform thorough investigations of Skype, Explorer’s shellbags, and the Windows Recycle Bin
  • Become proficient in forensically investigating network attacks

Incident response to live cyberattacks requires silent navigation through compromised assets, sometimes in large distributed networks. The popular approach relies on EDR or other live agent-based solutions. However, activating security agents and performing obvious activities on live compromised systems may alert advanced threat actors. Once alerted, they can launch a cleanup operation and destroy evidence. Moreover, offline system analysis may not be easy due to the physical distance to the compromised system or the scale of the network. This is where remote stealthy threat discovery with “scoutware”, software for threat hunting and instant system analysis, becomes incredibly useful.

In our training you will be introduced to Bitscout, the free, open-source scoutware tool developed by Vitaly Kamluk from Kaspersky GReAT in collaboration with INTERPOL, which has been successfully used by Kaspersky researchers for years. The cases demonstrated in the training were developed by Vitaly Kamluk and Nicolas Collery, Executive Director at DBS Bank, primary incident responder. During the training you will create your own remote analysis tool and practice with it right away in the provided virtual lab!
