Search the Community

Description This course will teach you how the primary encryption protocol used on the internet, TLS, operates. You’ll learn about the process and all the protocols involved in encryption using TLS. TLS, sometimes called SSL, is the primary method of encryption for most communication on the internet including web and email communication. In this course, Analyzing and Decrypting TLS with Wireshark, you’ll learn the process and protocols TLS uses to encrypt traffic. First, you’ll see a visual description of how TLS encryption operates, explaining all of the critical steps of encryption and protocols involved. Next, you’ll observe a packet capture of an HTTPs website using Wireshark, and examine the unencrypted components of the TLS handshake. Finally, you’ll learn how to capture session keys on your local computer in order to decrypt TLS traffic in Wireshark, and then examine the entire TLS handshake process. By the end of this course, you’ll be able to capture HTTPs traffic with Wireshark, capture the session keys for the TLS encryption, and decrypt the HTTPs session in Wireshark. [Hidden Content] [hide][Hidden Content]]

Adding and Analyzing Resident and Non-Resident Data in NTFS Data Streams and the Master File Table using Hex Editors. What you'll learn Basic understanding and importance of Data Streams Adding Resident and Non-Resident Data in the Data Streams Analyzing Short and Long Filenames using WinHex Analyzing Resident and Non-Resident Data using WinHex Verifying existence of Non-Resident Data using HxD Requirements Fundamental knowledge about computers and Windows OS Description The course will help students to learn about the basics of Microsoft Windows File System (NTFS), the Master File Table (MFT) and how data is stored in data streams, both primary and alternate. Students will also get to differentiate between resident and non-resident data and learn how to hide data in the ADS. It would also enable students to analyze the data inside and outside of the MFT and to locate the specific cluster/sector on the hard disk where this data is actually stored. Moreover the students will be able to: Understand the basics of Alternate Data Streams (ADS), their usage and history Adding resident (less than 512 bytes) and non-resident (more than 512 bytes) data in both alternate and primary data streams Analyzing the resident data in any stream by locating it inside the MFT using a common Hex Editor Analyzing the non-resident data in any stream by locating its actual cluster and sector address on the disk Verifying the presence of non-resident data in any data stream with the help of another Hex Editor Practically experiment common Forensics tools and Hex Editors for analyzing data in the MFT and otherwise. This course will turn out to be very useful for the students who want to understand the basics of computer forensics and file systems as it provides insight to analyzing data stored in the data streams. Who this course is for: Cyber Security and forensics related students and professionals [Hidden Content] [hide][Hidden Content]]