Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

Duration: 5 days

Course Objectives:

• Toolkit and Lab Assembly
• Malware Code and Behavioral Analysis Fundamentals
• Malicious Static and Dynamic Code Analysis
• Collecting/Probing System and Network Activities
• Analysis of Malicious Document Files
• Analyzing Protected Executables
• Analyzing Web-Based Malware
• DLL Construction and API Hooking
• Common Windows Malware Characteristics in x86 Assembly
• Unpacking Protected Malware
• In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
• In-Depth Analysis of Malicious Executables
• Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

• Strong understanding of core systems and network concepts
• Exposure to programming and assembly concepts
• Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class?  Then let everyone know!

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

Duration: 5 days

Course Objectives:

• Advanced Snort Concepts
• Analyst Toolkit
• Domain Name System (DNS)
• Examining Packet Crafting
• Examining Packet Header Fields
• Fragmentation
• ICMP Theory
• IDS Interoperability
• IDS Patterns
• IDS/IPS Management & Architecture Issues
• Indications, Warnings & Traffic Correlation
• IPv6
• Microsoft Protocols
• Network Traffic Analysis
• NIDS Evasion, Instertion & Checksums
• Snort Fundamentals & Configuration
• Snort GUIs & Sensor Management
• Snort Performance, Active Response & Tagging
• Snort Rules
• Stimulus Response
• TCPdump Fundamentals
• TCP/IP Fundamentals
• Wireshark Fundamentals
• Writing TCPdump Filters

Course Prerequisites:

• GSEC or equivalent experience
• UNIX, Windows, Networking, and Security Experience
• This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!

Course Overview:

This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.

Attendees to TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking course will receive TechNow approved course materials and expert instruction.

Date/Locations:

Course Duration: 5 days

Course Objectives:

• Accessing the Network
• Advanced Fuzzing Techniques
• Advanced Stack Smashing
• Attacking the Windows Domain – Enumeration
• Attacking the Windows Domain – Restricted Desktops
• Attacking the Windows Domain – The Attacks
• Building a Metasploit Module
• Crypto for Penetration Testers
• Exploiting the Network
• Fuzzing Introduction and Operation
• Introduction to Memory and Dynamic Linux Memory
• Introduction to Windows Exploitation
• Manipulating the Network
• Python and Scapy For Penetration Testers
• Shellcode
• Smashing the Stack
• Windows Heap Overflow Introduction
• Windows Overflows

Course Prerequisites:

• GSEC or equivalent experience
• UNIX, Windows, Networking, and Security Experience
• This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: ryanv

Instructor comments: Great.

Facilities comments: N/A. Hotel.

User: sean.hollinger

Instructor comments: Instructor is technically knowledgeable as he has been on every course I've taken with TechNow.

Facilities comments: adequate

Liked the class?  Then let everyone know!