Armour Infosec Certified Computer Hacking and Forensic Expert covers the collection, preservation, analysis, identification and presentation of computer-related evidence that can be useful in criminal cases, for the purpose of facilitating or furthering the reconstruction of events found to be criminal.
You will learn how to search for valuable information on typical Linux systems with LAMP services, and deposit and hide Trojans for future exploitation. You will learn how to patch these web apps with input validation using regular expressions. You will learn a security design pattern to avoid introducing injection vulnerabilities by input validation and replacing generic system calls with specific function calls. You will learn how to hack web apps with SQL injection vulnerabilities and retrieve user profile information and passwords. You will learn how to patch them with input validation and SQL parameter binding. You will learn the hacking methodology, the Nessus tool for scanning vulnerabilities, Kali Linux for penetration testing, and the Metasploit Framework for gaining access to vulnerable Windows systems, deploying a keylogger, and performing remote VNC server injection. You will learn security in memory systems and virtual memory layout, and understand buffer overflow attacks and their defences.
Computer Hacking and Forensic Expert is one of the fastest-growing professional certifications. The main goals of computer forensics are the preservation, identification, extraction, documentation and interpretation of recovered computer data.
Scope of forensic science in India
With the rising number of hacking and fraud crimes in India, the scope of forensic science is definitely rising. Today, jobs related to forensic science are available in both the government and private sectors, for example in Crime Branches, CBI, CID, Police, Investigation Bureau, Defense/Army, Courts, Narcotics Dept., Universities, Detective Agencies, Banks and Insurance Companies.
Course Details
Perform incident response and forensics, evidence collection, digital forensic acquisitions, and bit-stream imaging/acquisition of the digital media seized during the process of investigation. Examine and analyze text, graphics, multimedia, and digital images. Crack (or attempt to crack) password-protected files. Conduct thorough examinations of computer hard disk drives and other electronic data storage media.
Recover information and electronic data from computer hard drives and other data storage devices. Follow strict data and evidence handling procedures. Maintain an audit trail (i.e., chain of custody) and evidence integrity. Work on technical examination, analysis and reporting of computer-based evidence. Prepare and maintain case files. Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files. Recover deleted files and partitions in Windows, Mac OS X, and Linux.
Investigate events for evidence of insider threats or attacks. Support the generation of incident reports and other collateral.
Investigate and analyze all response activities related to cyber incidents. Plan, coordinate and direct recovery activities and incident analysis tasks. Examine all available information and supporting evidence or artefacts related to an incident or event.
- What is forensics?
- Professions needing forensics
- Differences with legal investigations
- Reasons for corporate investigations
- Preparing for an investigation
- Forensic workstation
- EnCase
- FTK
- Coroner's Toolkit
- ProDiscover Basic
- Audit policies
- Reporting
- Unix tools
- Sleuth Kit
- DEFT Linux
- Windows family
- Mac OS X
- Linux
- Other types of operating systems
- Boot processes
- File systems: Windows-based
- File systems: Linux
- File systems: Mac OS
- File systems: CD
- RAID
- Autostarting
- Executable types and structure: Windows
- Executable types and structure: Unix-based
- Disk partitions
- Image formats
- Image acquisitions under Linux
- Image acquisitions under Windows
- Volatile information
- Data recovery
- Hard drives
- OSI reference model
- TCP/IP
- Network attacks
- Reasons for network acquisitions
- Man in the middle attacks
- Capturing traffic
- NetworkMiner
- Other network tools
- Wireless networking
- Wireless tools
- Firewalls and their uses
- Intrusion detection systems
- Alternate data streams
- Deleted files
- Hidden partitions
- Slack space and swap file
- Registry
- Virtual memory
- System recovery checkpoints: Windows
- Audit logs and settings
- Graphics files
- Internet: cache, cookies, etc.
- Metadata
- Log files
- Steganography
- Steganography techniques: images and video
- Steganography techniques: audio and documents
- Steganalysis
- Compression
- Virtual machines
- Checkpoints
- Data formats
- Hypervisors
- iOS
- Android
- Symbian OS
- Tools
- Memory considerations
- SIM cards
- Malware forensics
- Static malware analysis
- Dynamic malware analysis