Python Forensics

Course number 71589

Why study at John Bryce?
  • Innovative, dynamic learning with advanced tools, combining simulations, practice and lab environments
  • A range of technology training programs with content matched to technological developments and to demand in the high-tech industry
  • Leading the field of training for the high-tech and technology world for 30 years, with a community of tens of thousands of graduates
  • You choose how to learn: in person in a classroom, remotely in a Live Class, or through self-study

Upcoming dates

Course for groups

The course is offered in a group-only format, customized for organizations.
For more details: Muzman@johnbryce.co.il

The course can be opened with full customization to the organization's needs, with flexible dates and curricula that incorporate dedicated content.

Course duration

Academic hours:

40

Number of sessions:

Morning course:

5

Course format

Courses ordered for organizations are fully customized to the organization's needs; the curricula are flexible, and relevant, dedicated content can be incorporated into them.

Overview

An excellent digital forensics investigator has the knowledge and skill to automate forensics stages using the power of the Python programming language. Many laboratories rely on Python to build basic models for predictions and to run experiments. It also helps to control critical operational systems. Python has built-in capabilities to support the digital investigation and protect the integrity of evidence during an investigation. This training will provide the student with stepping stones for taking forensics skills to the next level by combining them with powerful Python scripting.

On Completion, Delegates will be able to

Learn to work with different modules to accomplish tasks

Analyze artifacts left on a compromised system using Python

Perform network traffic monitoring and analyze logs

Who Should Attend

Law enforcement officers & intelligence corps

Incident responders

Computer investigators

IT/network administrators

IT security personnel

Junior cyber forensics analysts

Curriculum

Module 1: Introduction to Python

During this module, students will be introduced to the world of Python. Students will learn to install Python and its additional modules, write basic scripts, create client and server sockets, and work with files.

  • Introduction to Python Scripting
    • Installing Python
    • Python Basics
  • OS and Networks
    • Using PIP to Install Additional Modules
    • The OS Module
    • Sockets

Module 2: Basic Python Network Forensics

This module will cover the subject of network forensics. Students will learn to install and work with a variety of network frameworks and tools, to analyze network traces, and to capture, recover, and visualize traffic.

  • Pandas and Scapy
    • Introduction to Scapy
    • Crafting Raw Packets with Scapy
    • Communicating with SSL
    • Introduction to Numpy
    • Pandas Basics
    • Pandas DataFrame Basics
  • Analyzing Network Traces
    • DSHELL Framework
    • Network Traces Statistics
    • Visualizing Network Traces
    • Converting Pcap to Pandas DataFrame
    • Basic Payload Investigation

Module 3: Python OS Forensics

OS forensics is a core part of Python forensics. This module will cover forensics in both of today's primary operating systems, image manipulation, and metadata analysis.

  • Python Forensics in Windows
    • Basic File Metadata
    • Data Representation
    • Carving Data and Metadata
    • Analyzing Windows Artifacts
    • Windows Event Logs Handling
  • Python Forensics in Linux
    • The Linux Filesystem
    • Analyzing User Command Histories
    • Capturing Images
    • Extracting Objects from an Image
    • Memory Capture and Analysis

Module 4: Advanced Forensics

During this module, students will learn to deal with advanced networking.

  • Advanced Forensics
    • Advanced Networking
    • Working with Data
    • TWISTED Python
    • Footprinting Applications

Prerequisites

Advanced knowledge of:

  • Linux
  • Network Forensics (Course 71586) or Windows Forensics (Course 71585)

Simulator - Cyberium Arena

The courses at John Bryce Training allow you to gain experience with unique simulators and hands-on practice labs that include a variety of scenarios. Students are given the opportunity to put into practice what they have learned, so that they retain the relevant skills and information from the course and upgrade their knowledge and expertise.

The simulator used in the hands-on practice labs is the Cyberium system. This is an advanced cyber scenario simulator developed by cyber experts who have been constantly involved in cyber training and in providing solutions to knowledge gaps in the field of cyber. The simulator includes two main types of scenarios: educational and realistic.

Each educational scenario is focused on a different aspect of the course and simulates a specific aspect of the training topics. Each issue or topic taught in the course has a targeted exercise that allows the student to focus on it and learn it in depth.

The realistic scenarios simulate possible or past incidents related to information security. This includes everything from topics such as the regulation of cyber systems to attacks by terrorist hacker organizations. These scenarios are broader than the educational exercises and require a more systemic, strategic and comprehensive vision.

After each scenario, the system automatically generates detailed reports that serve as immediate feedback, allowing the student and lecturer to measure the abilities, strengths, and weaknesses of the participant.
