Network Forensic

This course includes
Interactive Lessons
Gamified TestPrep
Hands-On Labs
AI Tutor (Add-on)
Get A Free Trial

About This Course

Skills You’ll Get

1

Introduction

2

Foundations of Network Forensics

  • Introduction
  • Structure
  • Objectives
  • Types of network forensics
  • Setting up the environment for analysis
  • Case study: Suspicious Web Server
  • Conclusion
  • Long questions
3

Protocols and Deep Packet Analysis

  • Introduction
  • Structure
  • The OSI model
  • The TCP/IP model
  • The Packet structure
  • Case study: Curious case of protocol misuse
  • Deep Packet Inspection
  • Case study: Investigating Distributed Denial of service attacks
  • Conclusion
  • Long questions
4

Flow Analysis versus Packet Analysis

  • Introduction
  • Structure
  • Statistical Flow analysis
  • Flow Record and FRP Systems
  • Uniflow and BitFlow
  • Types of Sensor deployment
  • Flow analysis
  • Conclusion
  • Long questions
5

Conducting Log Analysis

  • Introduction
  • Structure
  • Objectives
  • Investigating Remote Login attempts on SSH
  • Investigating Web Server Attacks with Splunk
  • Investigating Proxy Logs
  • Conclusion
  • Long questions
6

Wireless Forensics

  • Introduction
  • Structure
  • Objectives
  • Basics of Radio Frequency Monitoring
  • The 802.11 standard
  • Evidence types in wireless local area networking
  • Other wireless attacks and their analysis
  • Conclusion
  • Long questions
7

TLS Decryption and Visibility

  • Introduction
  • Structure
  • Objectives
  • Techniques to decrypt SSL/TLS communication
  • Examining SSL/TLS traffic using proxy
  • Conclusion
  • Long questions
8

Demystifying Covert Channels

  • Introduction
  • Structure
  • Objectives
  • Identifying covert communication using proxies
  • Using MitmProxy to decrypt Dropbox traffic
  • Using Dropbox API to gather attack details
  • Uncovering the attack pattern
  • Uncovering DNS misuse
  • Conclusion
  • Long questions
9

Analyzing Exploit Kits

  • Introduction
  • Structure
  • Objectives
  • How exploit kits work
  • Analysis of an exploit kit infection
  • Network forensics with Security Onion
  • Extracting malicious payload
  • Using Fakenet-Ng to simulate a network
  • Conclusion
  • Long questions
10

Automating Network Forensics

  • Introduction
  • Structure
  • Objectives
  • Parsing the Syslog format
  • IP reputation analysis
  • Writing dissectors for protocols in Lua
  • Conclusion
  • Long questions
11

Backtracking Malware

  • Introduction
  • Structure
  • Objectives
  • Investigating Cobalt Strike Encrypted traffic
  • Investigating TeamViewer and AnyDesk
  • Conclusion
  • Long questions
12

Investigating Ransomware Attacks

  • Introduction
  • Structure
  • Objectives
  • Analysis of WannaCry ransomware
  • Capturing ransomware keys for decryption
  • Analyzing GandCrab ransomware
  • Case Study: REVIL ransomware at a Bank
  • Conclusion
  • Long questions
13

Investigating Command and Control Systems

  • Introduction
  • Structure
  • Objectives
  • Investigating Metasploit Reverse Shell
  • Investigating Meterpreter Reverse Shell
  • Investigating Meterpreter Stageless Reverse Shell
  • Conclusion
  • Long questions
14

Investigating Attacks on Email Servers

  • Introduction
  • Objectives
  • Structure
  • Analysis of ProxyLogon attack
  • Investigating Email authentication logs
  • Conclusion
  • Long questions
15

Investigating Web Server Attacks

  • Introduction
  • Structure
  • Objectives
  • Web Server attack analysis
  • Conclusion
  • Long questions

1

Introduction

  • testing
2

Foundations of Network Forensics

  • Capturing Network Packets using TCPDump
  • Performing Network Analysis Using Wireshark
3

Protocols and Deep Packet Analysis

  • Using tshark to Filter Data from a PCAP File
4

Flow Analysis versus Packet Analysis

5

Conducting Log Analysis

  • Investigating SSH Logs
6

Wireless Forensics

7

TLS Decryption and Visibility

  • Capturing Browser Requests using mitmproxy
8

Demystifying Covert Channels

  • Resolving IP Addresses for Network Analysis
  • Investigating DNS Misuse
9

Analyzing Exploit Kits

10

Automating Network Forensics

11

Backtracking Malware

  • Investing Cobalt Strike Encrypted traffic
  • Monitoring TeamViewer Sessions
  • Investigating AnyDesk Sessions
12

Investigating Ransomware Attacks

13

Investigating Command and Control Systems

14

Investigating Attacks on Email Servers

15

Investigating Web Server Attacks

Related Courses

All Course
scroll to top