Course Information
Registration period
Year-round Recruitment
Course Level
Study Mode
Duration
2 Hour(s) 54 Minute(s)
Language
English
Taught by
Packt Publishing
Rating
1 views
Course Overview
Use common Python libraries and tools to excel in network and host digital forensics
Python is uniquely positioned as a programming language to perform cyber investigations and perform forensics analysis. Unleash the power of Python by using popular libraries and Python tools to help you create efficient and thorough forensics investigations. This course will walk you through digital forensics on network traffic, host analysis, and memory analysis.
The course starts with network forensics, an important aspect of any investigation. You will learn to read, sort, and sniff raw packets and also analyze network traffic. These techniques will help you drive your host analysis. You will learn about tools you'll need to perform a complete investigation with the utmost efficiency in both Windows and GNU/Linux environments with Python. Next, you will learn more advanced topics such as viewing data in PE and ELF binaries. It's vital to analyze volatile memory during an investigation as it provides details about what is actually running on a given system. So, you will learn the best tools to obtain and analyze volatile memory images. Finally, you will learn how to use Python in order to think like an attacker. You will complete enumeration, exploitation, and data exfiltration.
By the end of the course, you will be able to make the most of Python processes and tackle varied, challenging, forensics-related problems. So, grab this course and think like an attacker!
About the Author
Daryl Bennett is a manager of a Cyberspace Threat Emulation team with the United States Air Force, where he leads military and civilian members in the employment and execution of offensive security on order to audit the security of network infrastructures. He is a key operator, focusing on risk analysis and the overall security posture of cyberspace systems. Additionally, he has 5+ years' experience working in the open-source community. He is a development specialist in a wide range of domains, including GNU/Linux applications, Android mobile, and autonomous systems. He is passionate about sustaining, developing, and implementing both current and new technologies, while practicing analytical problem-solving and learning as much as possible in the process.
Course Content
- 5 section(s)
- 22 lecture(s)
- Section 1 Python for Network Forensics
- Section 2 Windows
- Section 3 GNU/Linux Forensics
- Section 4 Memory Forensics
- Section 5 Threat Emulation
What You’ll Learn
- Think like an attacker and solve forensics issues with more efficiently
- Learn network forensics to drive your host analysis
- Investigate with the utmost efficiency in Windows and GNU/Linux environments
- Learn advanced data-viewing topics in file analysis
- Get the best tools to obtain and analyze volatile memory images
- Use Python to complete enumeration, exploitation, and data exfiltration
Reviews
-
SSøren Berggreen
It's going way too fast to follow, when trying with own tools.
-
MMarguerite L. Tomlin
Great course overall! Enjoyed it and most importantly, learned a lot about python and digital forensics! Recommend!
-
JJason Ballard
The first two sections are in depth and explain every step. The last couple sections appear to be very rushed, mainly show preexisting tool usage that have been written in python like volatility, and are missing steps that may be useful for someone not familiar with things like netcat, scp, etc. The 'digital forensics' aspect is not a main factor in this course. This is more of a general python usage course.
-
EErik Smith
Great course and great instructor
