Python: Digital Forensics & Binary Exploits with Python Download
Solve real-world forensics problems with innovative solutions
What you’ll learn
- Learn network forensics to drive your host analysis
- Investigate with the utmost efficiency in Windows and GNU/Linux environments
- Get the best tools to obtain and analyze volatile memory images
- Use Python to complete enumeration, exploitation, and data exfiltration
- Remove unwanted code such as the password or product key tests, and add Trojan code
- Analyze simple Windows executable files and modify them using the Immunity Debugger
- Analyze simple Linux executable files and modify them using the gdb debugger
- Prior programming experience with python is beneficial but not required.
Python is uniquely positioned as a programming language to perform cyber investigations and perform forensic analysis. Unleash the power of Python by using popular libraries and Python tools to help you create efficient and thorough forensics investigations.
This learning path follows a practical approach & can be of utmost importance as it guides you to read, sort, and sniff raw packets and also analyze network traffic. You will learn various tools required to perform a complete investigation with the utmost efficiency in both Windows and GNU/Linux environments with Python. It then explains binary exploits that allow you to skip past unwanted code, such as the password or product key tests, and add Trojan code. You will perform the exploit development process: finding a vulnerability, analyzing a crash in a debugger, creating a crafted attack, and achieving remote code execution on Windows and Linux.
By the end of the course, you will be able to make the most of Python processes and tackle varied, challenging, forensics-related problems. So, grab this course and think like an attacker!
Contents and Overview
This training program includes 2 complete courses, carefully chosen to give you the most comprehensive training possible.
The first course, Python Digital Forensics starts with network forensics, an important aspect of any investigation. You will learn to read, sort, and sniff raw packets and also analyze network traffic. These techniques will help you drive your host analysis. You will learn about tools you’ll need to perform a complete investigation with the utmost efficiency in both Windows and GNU/Linux environments with Python. Next, you will learn more advanced topics such as viewing data in PE and ELF binaries. It’s vital to analyze volatile memory during an investigation as it provides details about what is actually running on a given system.
About the Authors:
- Daryl Bennett is a manager of a Cyberspace Threat Emulation team with the United States Air Force, where he leads military and civilian members in the employment and execution of offensive security on order to audit the security of network infrastructures. He is a key operator, focusing on risk analysis and the overall security posture of cyberspace systems. Additionally, he has 5+ years’ experience working in the open-source community. He is a development specialist in a wide range of domains, including GNU/Linux applications, Android mobile, and autonomous systems. He is passionate about sustaining, developing, and implementing both current and new technologies while practicing analytical problem-solving and learning as much as possible in the process.
- Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences. Credentials: Ph.D., CISSP, DEF CON Black-Badge Co-Winner
Who this course is for:
- This learning path is aimed at the practitioner, security professional, possessing a deep interest in solving common forensics tasks & who wish to upgrade their experience with Python.