Use common Python libraries and tools to excel in network and host digital forensics
Python is uniquely positioned as a programming language to perform cyber investigations and perform forensics analysis. Unleash the power of Python by using popular libraries and Python tools to help you create efficient and thorough forensics investigations. This course will walk you through digital forensics on network traffic, host analysis, and memory analysis.
The course starts with network forensics, an important aspect of any investigation. You will learn to read, sort, and sniff raw packets and also analyze network traffic. These techniques will help you drive your host analysis. You will learn about tools you’ll need to perform a complete investigation with the utmost efficiency in both Windows and GNU/Linux environments with Python. Next, you will learn more advanced topics such as viewing data in PE and ELF binaries. It’s vital to analyze volatile memory during an investigation as it provides details about what is actually running on a given system. So, you will learn the best tools to obtain and analyze volatile memory images. Finally, you will learn how to use Python in order to think like an attacker. You will complete enumeration, exploitation, and data exfiltration.
By the end of the course, you will be able to make the most of Python processes and tackle varied, challenging, forensics-related problems. So, grab this course and think like an attacker!
The code bundle for this course is available at https://github.com/PacktPublishing/Recipes-to-Successful-Python-Digital-Forensics.
Style and Approach
This course adopts a recipe-based approach with progressive complexity. You will learn about network forensics and techniques to drive your host analysis. Next, you will master different tools you’ll need to complete investigations in both Windows and GNU/ Linux environments with Python. Then you’ll learn more advanced topics, including the benefits of volatile memory acquisition and analysis. By the end of the course, you will have learned the basics of how to think as an attacker.
What You Will Learn
Daryl Bennett is a manager of a Cyberspace Threat Emulation team with the United States Air Force, where he leads military and civilian members in the employment and execution of offensive security on order to audit the security of network infrastructures. He is a key operator, focusing on risk analysis and the overall security posture of cyberspace systems. Additionally, he has 5+ years’ experience working in the open-source community. He is a development specialist in a wide range of domains, including GNU/Linux applications, Android mobile, and autonomous systems. He is passionate about sustaining, developing, and implementing both current and new technologies, while practicing analytical problem-solving and learning as much as possible in the process.
Password: Click ME