Digital Forensics for Penetration Testers Online Course
Digital forensics plays a critical role in cybersecurity by helping identify and trace cybercriminals, eliminate malicious backdoors, and prevent future incidents. This course serves as a comprehensive introduction to digital forensics for penetration testers and cybersecurity professionals looking to enhance their expertise and add valuable skills to their resumes. It provides hands-on experience and distinguishes between theory and practical application, offering a solid foundation for those pursuing a career in digital forensics while highlighting its distinction from computer security.
Key Benefits
- Gain proficiency in utilizing Kali Forensic Mode and Autopsy for digital forensics investigations.
- Explore open-source intelligence (OSINT) techniques and tools to enhance investigative capabilities.
- Master the process of extracting Wi-Fi credentials using netsh for forensic analysis.
Target Audience
This course is designed for penetration testers who are keen on expanding their knowledge of digital forensic investigations, as well as individuals interested in exploring the intersection of digital forensics with penetration testing and ethical hacking.
Learning Objectives
- Acquire the skills to forensically image devices for data preservation and analysis.
- Understand techniques for recovering deleted data across different operating systems.
- Learn the best practices for creating professional and legally compliant digital forensic reports.
- Master the proper handling and preservation of digital media before and during investigations.
- Gain expertise in using a variety of forensic tools to conduct comprehensive digital forensic investigations.
- Develop the ability to analyze and reverse-engineer software and malware to uncover malicious activities.
Course Outline
The Digital Forensics for Penetration Testers Exam covers the following topics:
Module 1 - Setting Up Your Forensics Environment with VirtualBox
- Steps for Downloading ISO and OVA Files for VirtualBox
- Installing CSI Linux 2021.2 in a Virtual Machine
- Setting Up a Kali Live (Forensic Mode) Virtual Machine
- Installing Kali in VirtualBox
- Setting Up Windows 10 in a Virtual Machine
- Installing Metasploitable2 in a Virtual Machine
Module 2 - Using Kali Forensic Mode and Autopsy
- Introduction to Autopsy
- Simulating Disk Image Creation for Forensic Analysis
- Analyzing a Forensic Disk Image with Autopsy
Module 3 - Managing Digital Forensics Cases
- Steps for Installing the WebMap-Nmap Dashboard
Module 4 - Open-Source Intelligence (OSINT)
- Conducting OSINT with CSI Linux Investigator
- Locating Social Media Accounts Using Sherlock
- Overview of the OSINT Framework
Module 5 - Using Shodan to Identify Vulnerable Devices
- Preparing CSI Investigator for Shodan Integration
- Searching for Vulnerable Devices with Shodan
- Using Shodan to Find Vulnerable Databases
Module 6 - Computer Forensics
- Connecting an External USB Device in Kali
- Acquiring a Forensic Copy of the Windows Registry
- Analyzing the Windows Registry for Forensic Evidence
- Dumping Wi-Fi Credentials Using netsh
- Analyzing Email Headers
- Using Shellbags to View Hidden or Deleted Folders
- Extracting Thumbnail Images from a Suspect's Device
- Conducting Memory Forensics with the Volatility Framework
Module 7 - Reverse Engineering and Malware Analysis
- Installing Ghidra on CSI Linux
- Introduction to Ghidra Usage
- Reverse Engineering crackme0x00 Using Ghidra
- Reverse Engineering crackme0x05 Using Ghidra
- Analyzing the WannaCry Killswitch with Ghidra
Module 8 - Steganography
- Using Steghide to Hide and Extract Data
- Reading and Writing EXIF Tags with ExifTool
Module 9 - Network Forensics with Wireshark
- Overview of Wireshark 3.2
- Exploring Wireshark Capture Options
- Understanding Wireshark Toolbar Icons
- Installing a Wireless Adapter in Kali
- Hacking a Wireless Network with Kali Linux
- Capturing Wireless Traffic Using Wireshark
- Capturing a TCP 3-Way Handshake with Wireshark