Technical Deep Dives with Tools of the Trade Course

Dig in for hours of deep-dive technical demonstrations to master memory, network and host forensics techniques.

4 hours, 1 minute

Syllabus

Scenario 3 – Live Ongoing Hacking Incident, Part 3: Eradication/Recovery

Video - 00:08:00

Investigate and contain this incident and see the logical handoff to disaster recovery and business continuity.

Scenario 3 – Live Ongoing Hacking Incident, Part 2: Investigation/Containment

Video - 00:20:00

Investigate and contain this incident and see the logical handoff to disaster recovery.

Scenario 3 – Live Ongoing Hacking Incident, Part 1: Detection/Investigation

Video - 00:22:00

See a walkthrough of being thrown into a live incident where the threat actors are still present. You will be able to follow along and participate in this response effort.

Scenario 2 – Data Breach/Hacking Incident, Part 3: Eradication/Validation

Video - 00:12:00

We will close out this first data breach case with the threat eradicated, and move on to recovery.

Scenario 2 – Data Breach/Hacking Incident, Part 2: Containment

Video - 00:24:00

Continue the deep dive by moving from identification to containing the malware and other malicious artifacts found in traffic and memory.

Scenario 2 – Data Breach/Hacking Incident, Part 1: Investigation

Video - 00:24:00

See how host, network and memory forensics are all used together to start finding artifacts and IoCs.

Hands-on Memory Forensics Labs, Part 2: Extracting Artifacts and IoCs from the Dump with Volatility

Video - 00:22:00

Continue the journey into memory with Volatility. This includes recovering previous network connections that were no longer active when the dump was taken, all the way to extracting and carving a live piece of malware from the memory dump.

Hands-on Memory Forensics Labs, Part 1: Extracting a Memory Dump

Video - 00:10:00

A deep dive into memory forensics. This first video covers how to create the memory image from a machine for later analysis.

Hands-on Network Forensics Labs, Part 6: Investigating with Wireshark

Video - 00:15:00

Deep dive with Wireshark, including carving data and malware from traffic.

Hands-on Network Forensics Labs, Part 5: Wireshark Intro

Video - 00:13:00

Introduction to Wireshark for IR and some case work.

Hands-on Network Forensics Labs, Part 4: Putting Them Together

Video - 00:29:00

This session wraps up Zeek by showing how the best artifacts and IoCs are sometimes only apparent when you combine the logs and get proper context.

Hands-on Network Forensics Labs, Part 3: Zeek dns.log

Video - 00:11:00

Continuing our Zeek deep dive with DNS logs.

Hands-on Network Forensics Labs, Part 2: Zeek http.log

Video - 00:13:00

Continuing our Zeek deep dive with connection logs.

Hands-on Network Forensics Labs, Part 1: Zeek conn.log

Video - 00:20:00

Introduction to Zeek and a deep dive into pulling artifacts and indicators of compromise from http logs through Zeek.

Meet the author

Keatron Evans

Keatron Evans is at the forefront of AI-driven cybersecurity innovation. As VP of Portfolio Product and AI Strategy at Infosec, he leads the development of cutting-edge solutions that are redefining industry standards. Keatron is a sought-after speaker at major industry events like the RSA Conference and a trusted expert for media outlets, including CNN and Fox News. 

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with Affirm.

Award-winning training you can trust