
Introduction to Ethical Hacking and Network Forensics Analysis Fundamentals

Category: Security / Forensics
Format: Virtual
Duration: 5 days
Class size: 5-12
Language: English


Ethical Hacking and Network Forensics Analysis combine the skills of capturing suspicious data and discerning suspicious patterns hidden within seemingly normal network traffic. This course provides the student with a set of investigation techniques focusing on the use of vendor-neutral, Open-Source Tools to offer insight into the following areas:

– Specialized Ethical Hacking techniques, including reconnaissance scanning and recognizing Indicators of Compromise (IoC), suspicious data traffic reconstruction, and viewing hidden details.

– Forensics Analysis fundamentals, data-mining, and an introduction to the science of Open-Source Intelligence collection and Network security principles, including encryption technologies and defensive configurations of network infrastructure devices.

– Indicators of Compromise (IoC) and threat recognition for a variety of network attack and exploit scenarios, including reconnaissance techniques, intrusion and exploit methodologies, Botnet threat recognition, as well as standard user protocol vulnerabilities, including many IP-related protocols such as IPv4/v6 / TCP, DNS/DNSSEC, ARP, ICMPv4/v6, and an introduction to Voice / Video over IP and Wireless Networking technologies.

Real-World examples are utilized throughout the course in conjunction with numerous hands-on exercises to provide field-proven, practical analysis skills. Attendees receive a student guide including multiple reference files, networking and forensics tools, and a library of reference documents.

This course is for Networking, Government, and Security personnel that need to develop advanced packet investigation techniques by analyzing evidence, both Pcap-based and Open-source Intelligence-based, using Wireshark and other Open-Source Analysis tools.

Successful completion of this course provides these individuals with a pathway into the field of Ethical Hacking and Forensics Analysis.

Section 1: Introduction to Forensics Analysis

  • Logistics and Open-Source Tool Recommendations
  • Network Forensics Challenges – Nomenclature and Terminology
  • Overview and history of Network Forensics Analysis
  • Answering the critical incident response questions – Sample Six-Step Network Forensics Analysis Methodology

 

Section 2: Recap: Collecting the Data – Data Capture

  • Forensic Profile Construction for Data Collection
  • Configuring Wireshark – Standard Captures vs. Stealth and Silent Collection of Data
  • New types of capture filters – Offset and String-Matching
  • WiFi data collection challenges

 

Section 3: Identifying and Analyzing Indicators of Compromise (IoC)

  • Analyzing Conversations and Activities for Indicators of Compromise (IoC)
  • Analyzing Conversations and Activities using the Expert Systems to recognize IoCs
  • Recognizing, Analyzing, and Reconstructing Suspicious Activities
  • Baselines & Sample Libraries
  • Color Rules, Filtering & Pattern recognition
  • Recognizing IOCs of Intrusions
  • Forensic Analysis of an Intrusion
  • Scouting the Target – Network Reconnaissance and Scanning Tools
  • Recognizing Scanning Signatures of standard scanning tools – NMAP, Nessus, Retina, and others
  • Honeypots – Trapping the Intruder
  • Overview, Configuration & Usage
  • Bot, Botnets – Command and Control Traffic
  • Recognizing Bots and Botnet activity – the key IOCs
  • Identifying, tracking, and reassembling Command and Control Traffic
  • Forensic Diagramming – A Picture is worth 1024 Words

 

Section 4: They Hacked Me – Ethical Hacking & Network Forensics Analysis – Intrusions, Exploits, Etc.

  • Overview & Terminology
  • Roles and responsibilities of an ethical hacker
  • Ethical Hacking vs. Penetration Testing
  • Information Security Threats and Attacks Overview
  • Ethical Hacking – Identifying Target Networks Vulnerabilities
  • Scanning & Reconnaissance
  • Active vs. Passive OS Fingerprinting
  • Tools, techniques, and scanning tool identification with Wireshark
  • You Can Trust Me – Social Engineering
  • Exploiting the Target – Layer 2 (Physical & DLC Layers) Exploits
  • Driver & Device Exploits
  • Man-in-the-Middle
  • MAC / ARP Floods
  • Mac Of Switch Port Attacks
  • Exploiting the Target – Layer 3 (Network Layer) Exploits
  • IPv4 Header and Option Exploits
  • IPv6 Tunnel Exploits
  • ICMPv4/v6 Exploits
  • Exploiting the Target – Layer 4 (Transport Layer) Exploits
  • Exploiting TCP – Header & Options, Resets, and Flags
  • Exploiting SCTP
  • Firewall & Intrusion Detection System (IDS) Exploits
  • Exploiting the Target – Layer 5-7 (Application) Exploits
  • Drive-by-Downloads
  • Ransomware, Crimeware, and Malware – Worms & Viruses
  • Fake Logins & Password Hijacks
  • Overflows
  • Internet Exploits
  • Hacking & Exploiting Voice and Video over IP
  • Capturing Multimedia Data
  • Reconstructing and Replaying Voice over IP Calls
  • Hacking & Exploiting Internet of Things (IoT) Devices
  • Denial of Service (DoS / DDoS) – Network-Level Attacks
  • Bots, Botnets, Bot Herders

 

Section 5: They Encrypted their traffic – now what? – Forensics Analysis of Encryption Protocols

  • Analyzing Encrypted Traffic
  • Using Wireshark to Decrypt Types of Encrypted Traffic
  • Secure Sockets Layer (SSL) / Transport Layer Security (TLSv1-3)
  • Wired Equivalency Protocol (WEP), WiFi Protected Access (WPA.X)
  • VPN and Tunneling Protocols
  • Security Vulnerabilities & Exploits

Student quotes

"I found Phill to be the best teacher, and I learned so much from him. Thank you Phill"

- Paul Broyd

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"It's sure the most interesting course that I have followed"

- Karin van der Plas

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"It was a very very very interesting course, and done by the top guy"

- Matthew Steenwijk

Course:

"It was a real pleasure to receive the Wireshark training from a very dedicated trainer"

- Wim de Vries

Course: Voice & Video over IP Network Analysis

"I thought I already knew Wireshark. I was wrong, very wrong"

- Jeroen Valkonet

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"This course is a must have for everyone in IT"

- Johan den Besten

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"Great for network analyses or forensic investigations"

- Sven Schneider

Course: Masterclass – Advanced Network & Intro to Security Analysis

"By far the very best course I ever took"

- Joachim van Doeselaar

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"If there’s a packet, it can be WireSharked!!"

- Elena Petrova

Course: WiFi & Wireless Network Analysis Using Wireshark

"Extremely satisfied with the training. Very helpful instructor and great teaching methods"

- Lars Mikkelsen

Course: Masterclass – Advanced Network & Intro to Security Analysis

A course only takes place if there is sufficient participation.