Network Forensics Course | Hands-on Training

Mastering Network Forensics

Develop the skills to investigate cybercrimes, from identifying threats to recovering evidence.

(NET-FORENSIC.AW1) / ISBN : 978-1-64459-610-4

Lessons

Lab

TestPrep

AI Tutor (Add-on)

Get A Free Trial

This course includes:

Free pre-assessment and first 2 lessons

15+ Interactive Lessons | 40+ Exercises

Accessible on mobile and tablet too

Certificate of completion

Are you an instructor?

Access detailed information about the course content, learning objectives, activities, and assessments before adding it to your curriculum.

About This Course

This network forensics course will equip you with the skills and tools to become a top-tier cybersecurity professional.You’ll learn to decode digital mysteries, dissect suspicious traffic, uncover covert channels, and analyze cyberattacks like ransomware and protocol misuse. Mastering tools like Wireshark, Splunk, and MitmProxy while unraveling threats from email servers to exploit kits will become interactive! You’ll gain sharp skills in log analysis, packet inspection, malware tracking, and more – all thanks to our risk-free hands-on labs. So, if cybercrime leaves a trail, you’ll be the one following it – straight to the source.

Skills You’ll Get

Analyze network traffic and packet structures for suspicious activities.
Investigate cyberattacks, including ransomware, DDoS, and web server attacks.
Decrypt SSL/TLS communication to detect hidden threats.
Identify covert communication channels and misuse of DNS protocols.
Examine logs from SSh, proxy servers, and email authentication for anomalies.
Detect wireless attacks and monitor radio frequencies.
Simulate network environments to study exploit kits and malicious payloads.
Track malware activities through reverse engineering and memory forensics.
Automate forensic tasks like IP reputation analysis and protocol dissection with tools like Lua.
Utilize forensic tools such as Wireshark, Splunk, and MitmProxy for in-depth investigations.
Identify and remove ransomware and capture decryption keys.
Explore command-and-control systems to uncover attackers' methods.
Develop proactive network defense strategies using forensic insights.

Interactive Lessons

15+ Interactive Lessons | 40+ Exercises | 100+ Quizzes | 50+ Flashcards | 50+ Glossary of terms

Gamified TestPrep

Hands-On Labs

15+ LiveLab | 00+ Minutes

Lesson Plan

Introduction

Foundations of Network Forensics

Introduction
Types of network forensics
Setting up the environment for analysis
Case study: Suspicious Web Server
Conclusion
Long questions

Protocols and Deep Packet Analysis

Introduction
The OSI model
The TCP/IP model
The Packet structure
Case study: Curious case of protocol misuse
Deep Packet Inspection
Case study: Investigating Distributed Denial of service attacks
Conclusion
Long questions

Flow Analysis versus Packet Analysis

Introduction
Statistical Flow analysis
Flow Record and FRP Systems
Uniflow and BitFlow
Types of Sensor deployment
Flow analysis
Conclusion
Long questions

Conducting Log Analysis

Introduction
Investigating Remote Login attempts on SSH
Investigating Web Server Attacks with Splunk
Investigating Proxy Logs
Conclusion
Long questions

Wireless Forensics

Introduction
Basics of Radio Frequency Monitoring
The 802.11 standard
Evidence types in wireless local area networking
Other wireless attacks and their analysis
Conclusion
Long questions

TLS Decryption and Visibility

Introduction
Techniques to decrypt SSL/TLS communication
Examining SSL/TLS traffic using proxy
Conclusion
Long questions

Analyzing Exploit Kits

Introduction
How exploit kits work
Analysis of an exploit kit infection
Network forensics with Security Onion
Extracting malicious payload
Using Fakenet-Ng to simulate a network
Conclusion
Long questions

Automating Network Forensics

Introduction
Parsing the Syslog format
IP reputation analysis
Writing dissectors for protocols in Lua
Conclusion
Long questions

Backtracking Malware

Introduction
Investigating Cobalt Strike Encrypted traffic
Investigating TeamViewer and AnyDesk
Conclusion
Long questions

Investigating Ransomware Attacks

Introduction
Analysis of WannaCry ransomware
Capturing ransomware keys for decryption
Analyzing GandCrab ransomware
Case Study: REVIL ransomware at a Bank
Conclusion
Long questions

Investigating Command and Control Systems

Introduction
Investigating Metasploit Reverse Shell
Investigating Meterpreter Reverse Shell
Investigating Meterpreter Stageless Reverse Shell
Conclusion
Long questions

Investigating Attacks on Email Servers

Introduction
Analysis of ProxyLogon attack
Investigating Email authentication logs
Conclusion
Long questions

Investigating Web Server Attacks

Introduction
Web Server attack analysis
Conclusion
Long questions

Hands-on LAB Activities

Foundations of Network Forensics

Capturing Network Packets Using TCPDump
Performing Network Analysis Using Wireshark

Protocols and Deep Packet Analysis

Using tshark to Filter Data from a PCAP File

Flow Analysis versus Packet Analysis

Generating IPFIX from PCAP
Analyzing SiLK Flow Records

Conducting Log Analysis

Investigating SSH Logs

TLS Decryption and Visibility

Capturing Browser Requests Using mitmproxy

Demystifying Covert Channels

Resolving IP Addresses for Network Analysis
Investigating DNS Misuse

Automating Network Forensics

Performing IP Reputation Analysis

Backtracking Malware

Monitoring a TeamViewer Session
Investigating AnyDesk Sessions

Investigating Ransomware Attacks

Analyzing the WannaCry Ransomware Attack

Investigating Command and Control Systems

Investigating the Metasploit Reverse Shell

Investigating Attacks on Email Servers

Investigating the ProxyLogon Attack

Lab

CCNA 200-301 Pearson uCertify Network Simulator

ISBN: 9781616918378
200-301-SIMULATOR.AB1

Try

Lessons Lab TestPrep AI Tutor

Accounting Course 101

ISBN: 9781644597002
ACCOUNT-WRKBK.AE1

Try

Lessons Lab

Accounting All-in-One

ISBN: 9781644594490
ACCOUNTS.AE1

Try

Lessons TestPrep

ACCUPLACER For Beginners

ISBN: 9781644595732
ACCUPLACER.AE1

Try

Lessons TestPrep

ACT Prep 2024

ISBN: 9781644594889
ACT-PREP.AE1

Try

Lessons Lab TestPrep AI Tutor

Mastering Active Directory

ISBN: 9781644595909
ACTV-DIRECT.AJ1

Try

Lessons Lab AI Tutor

Advanced Programming in the UNIX Environment

ISBN: 9781644595121
ADV-PROG-UNIX.AP1

Try

Mastering Network Forensics

Are you an instructor?

Mastering Network Forensics

About This Course

Skills You’ll Get

Interactive Lessons

Gamified TestPrep

Hands-On Labs

Lesson Plan

Introduction

Foundations of Network Forensics

Protocols and Deep Packet Analysis

Flow Analysis versus Packet Analysis

Conducting Log Analysis

Wireless Forensics

TLS Decryption and Visibility

Demystifying Covert Channels

Analyzing Exploit Kits

Automating Network Forensics

Backtracking Malware

Investigating Ransomware Attacks

Investigating Command and Control Systems

Investigating Attacks on Email Servers

Investigating Web Server Attacks

Hands-on LAB Activities

Foundations of Network Forensics

Protocols and Deep Packet Analysis

Flow Analysis versus Packet Analysis

Conducting Log Analysis

TLS Decryption and Visibility

Demystifying Covert Channels

Automating Network Forensics

Backtracking Malware

Investigating Ransomware Attacks

Investigating Command and Control Systems

Investigating Attacks on Email Servers

Any questions?Check out the FAQs

What is network forensics?

Who should take this course?

What are the prerequisites for this course?

What tools will I learn to use in this course?

How can network forensics skills benefit my career?

Related Courses

CCNA 200-301 Pearson uCertify Network Simulator

Accounting Course 101

Accounting All-in-One

ACCUPLACER For Beginners

ACT Prep 2024

Mastering Active Directory

Advanced Programming in the UNIX Environment

Any questions?
Check out the FAQs