Litehaus

Workshops

Network Reconnaissance (4 Hours)

In this hands-on workshop, we will use multiple tools to identify services, including software package and version information running on unknown systems. Network services to be targeted will include those running on non-standard ports or behind firewalls. After exploring the use of network scanning tools, we will switch our attention to analyzing website data by extracting website contents and exploring its metadata. Attendees will be provided access to their own lab environment.

Overview of Workshop Objectives

  • Scanning networks and hosts using nmap and nbtscan tools.
  • Enumerating SNMP and RPC services.
  • Basics of using the Metasploit framework.
  • Explore the use and impacts of the iptables firewall.
  • Extract and analyze website content using wget.
  • Overview of the FOCA tool.
  • Perform document metadata analysis.
  • Extract and analyze image file metadata.

Prerequisite Knowledge:

  • Basic networking concepts (TCP/IP, DNS, etc.) and familiarity with the Unix/Linux command line.
  • Basic knowledge of web technologies (e.g., HTML).
  • Some familiarity with the Windows Command Prompt.


Volatility Framework (4 Hours)

This workshop introduces students to the process of capturing a live RAM image and analyzing it using Volatility. Learners will explore several Volatility plugins for analyzing a Windows memory image, then analyze actual RAM images, including one with active malware.

Overview of Workshop Objectives

  • Analyzing a suspect system "live."
  • Determine whether a system contains evidence.
  • Explore the open-source Volatility framework.
  • Examine RAM snapshots. 
  • Review the process of capturing a live RAM image. 
  • Learn about Volatility plugins for analyzing a Windows memory image.
  • Analyze RAM images, including one with active malware.

Prerequisite Knowledge:

  • Familiarity with cyber forensics best practices
  • Comfortable with a Linux command line. 
  • Understand operating systems concepts.


Autopsy & SleuthKit (4 Hours)

This workshop introduces learners to the process of imaging and forensically analyzing disks, including finding artifacts such as deleted files. The Autopsy forensic browser will be used in addition to command-line programs from the open-source Sleuth Kit tool set.

Overview of Workshop Objectives

  • Learn the process of imaging and forensically analyzing disks.
  • Finding artifacts such as deleted files.
  • Explore the Autopsy forensic browser.
  • Use the open-source Sleuth Kit tool set.

Prerequisite Knowledge:

  • Familiarity with cyber forensics best practices
  • Comfortable with a Linux command line. 
  • Understand operating systems concepts.


Windows Forensics (4 Hours)

Learners will explore forensic artifact concepts common to Windows computers, such as traces of user activity left behind on a computer even after the user logs out or the computer is shut down.

Overview of Workshop Objectives

  • Learn about forensic artifacts commonly found on Windows computers.
  • Investigate a suspected data breach by an employee of an organization. They will be given
  • Use a disk image to look for forensic artifacts and the 
  • Use tools such as Autopsy, Registry Editor, RegRipper, LECmd, JumpList Explorer, RecentFileCacheParser, PECmd, and ShellBags Explorer

Prerequisite Knowledge:

  • Familiarity with cyber forensics best practices
  • Comfortable with a Linux command line. 
  • Understand operating systems concepts.


Reversing Malware (4 Hours)

This workshop will explore file analysis techniques designed to identify hidden malware. The Cuckoo sandbox is used to detonate a suspicious executable so it can be analyzed for signs of malicious behavior. Additionally, the UPX and OllyDbg utilities are used to unpack a suspicious executable and further analyze its operation.

Overview of Workshop Objectives

  • Prepare Host Machine for Analysis with Cuckoo 
  • Analyze malware with Cuckoo Sandbox 
  • Automatically unpack malware with UPX 
  • Manually unpack malware with OllyDbg 

Prerequisite Knowledge:

  • Familiarity with cyber forensics best practices
  • Comfortable with a Linux command line. 
  • Basic understanding of computer architecture and assembly language


Copyright © 2023 Litehaus - All Rights Reserved.
