Network Forensic
This course includes
Lessons
TestPrep
Hands-On Labs
AI Tutor (Add-on)
Interactive Lessons
15+ Interactive Lessons | 6+ Exercises | 105+ Quizzes
Gamified TestPrep
Hands-On Labs
4+ LiveLab | 00+ Minutes
1
Introduction
2
Foundations of Network Forensics
- Introduction
- Structure
- Objectives
- Types of network forensics
- Setting up the environment for analysis
- Case study: Suspicious Web Server
- Conclusion
- Long questions
3
Protocols and Deep Packet Analysis
- Introduction
- Structure
- The OSI model
- The TCP/IP model
- The Packet structure
- Case study: Curious case of protocol misuse
- Deep Packet Inspection
- Case study: Investigating Distributed Denial of Service attacks
- Conclusion
- Long questions
4
Flow Analysis versus Packet Analysis
- Introduction
- Structure
- Statistical Flow analysis
- Flow Record and FRP Systems
- Uniflow and BitFlow
- Types of Sensor deployment
- Flow analysis
- Conclusion
- Long questions
5
Conducting Log Analysis
- Introduction
- Structure
- Objectives
- Investigating Remote Login attempts on SSH
- Investigating Web Server Attacks with Splunk
- Investigating Proxy Logs
- Conclusion
- Long questions
6
Wireless Forensics
- Introduction
- Structure
- Objectives
- Basics of Radio Frequency Monitoring
- The 802.11 standard
- Evidence types in wireless local area networking
- Other wireless attacks and their analysis
- Conclusion
- Long questions
7
TLS Decryption and Visibility
- Introduction
- Structure
- Objectives
- Techniques to decrypt SSL/TLS communication
- Examining SSL/TLS traffic using proxy
- Conclusion
- Long questions
8
Demystifying Covert Channels
- Introduction
- Structure
- Objectives
- Identifying covert communication using proxies
- Using MitmProxy to decrypt Dropbox traffic
- Using Dropbox API to gather attack details
- Uncovering the attack pattern
- Uncovering DNS misuse
- Conclusion
- Long questions
9
Analyzing Exploit Kits
- Introduction
- Structure
- Objectives
- How exploit kits work
- Analysis of an exploit kit infection
- Network forensics with Security Onion
- Extracting malicious payload
- Using Fakenet-Ng to simulate a network
- Conclusion
- Long questions
10
Automating Network Forensics
- Introduction
- Structure
- Objectives
- Parsing the Syslog format
- IP reputation analysis
- Writing dissectors for protocols in Lua
- Conclusion
- Long questions
11
Backtracking Malware
- Introduction
- Structure
- Objectives
- Investigating Cobalt Strike Encrypted traffic
- Investigating TeamViewer and AnyDesk
- Conclusion
- Long questions
12
Investigating Ransomware Attacks
- Introduction
- Structure
- Objectives
- Analysis of WannaCry ransomware
- Capturing ransomware keys for decryption
- Analyzing GandCrab ransomware
- Case Study: REVIL ransomware at a Bank
- Conclusion
- Long questions
13
Investigating Command and Control Systems
- Introduction
- Structure
- Objectives
- Investigating Metasploit Reverse Shell
- Investigating Meterpreter Reverse Shell
- Investigating Meterpreter Stageless Reverse Shell
- Conclusion
- Long questions
14
Investigating Attacks on Email Servers
- Introduction
- Objectives
- Structure
- Analysis of ProxyLogon attack
- Investigating Email authentication logs
- Conclusion
- Long questions
15
Investigating Web Server Attacks
- Introduction
- Structure
- Objectives
- Web Server attack analysis
- Conclusion
- Long questions
1
Introduction
- testing
2
Foundations of Network Forensics
- Capturing Network Packets using TCPDump
- Performing Network Analysis Using Wireshark
3
Protocols and Deep Packet Analysis
- Using tshark to Filter Data from a PCAP File
4
Flow Analysis versus Packet Analysis
5
Conducting Log Analysis
6
Wireless Forensics
7
TLS Decryption and Visibility
8
Demystifying Covert Channels
9
Analyzing Exploit Kits
10
Automating Network Forensics
11
Backtracking Malware
12
Investigating Ransomware Attacks
13
Investigating Command and Control Systems
14
Investigating Attacks on Email Servers
15