Course Overview:
This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.
Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.
Date/Locations:
Duration: 5 days
Course Objectives:
- Toolkit and Lab Assembly
- Malware Code and Behavioral Analysis Fundamentals
- Malicious Static and Dynamic Code Analysis
- Collecting/Probing System and Network Activities
- Analysis of Malicious Document Files
- Analyzing Protected Executables
- Analyzing Web-Based Malware
- DLL Construction and API Hooking
- Common Windows Malware Characteristics in x86 Assembly
- Unpacking Protected Malware
- In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
- In-Depth Analysis of Malicious Executables
- Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis
Prerequisites:
- Strong understanding of core systems and network concepts
- Exposure to programming and assembly concepts
- Comfortable with command line access
Comments
Latest comments from students
User: marcus.osullivan
Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.
Facilities comments: The baby deer were neat! I like the resort.
Liked the class? Then let everyone know!
Course Overview:
The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.
The CHFI certification gives participants the necessary skills to perform an effective digital forensics investigation. CHRI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence
What’s Included:
- 5 days of instructor-led in classroom training
- Detailed Labs for hands-on learning experience; approximately 50% of training is dedicated to labs
- Hundreds of investigation tools including EnCase, Access Data FTL, & ProDiscover
- Huge cache of evidence files for analysis including RAW, .dd images, video & audio files, MS Office files, systems files, etc.
- CHFI Courseware
- Exam Voucher
- CHFI onsite exam scheduling
Course Objectives:
- Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
- Perform anti-forensic methods detection
- Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
- Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process
- Identify & check the possible source/ incident origin
- Recover deleted files and partitions in Windows, MAC OS X, and Linux
- Conduct reverse engineering for known and suspected malware files
- Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
Dates/Locations:
Duration: 5 Days
Course Content:
-
- Module 01. Computer Forensics in Today’s World
- Module 02. Computer Forensics Investigation Process
- Module 03. Understanding Hard Disks and File Systems
- Module 04. Data Acquisition and Duplication
- Module 05. Defeating Anti-forensics Techniques
- Module 06. Operating System Forensics (Windows, Mac, Linux)
- Module 07. Network Forensics
- Module 08. Investigating Web Attacks
- Module 09. Database Forensics
- Module 10. Cloud Forensics
- Module 10. Malware Forensics
- Module 11. Investigating Email Crimes
- Module 12. Investigating Email Crimes
- Module 13. Mobile Forensics
- Module 14. Forensics Report Writing and Presentation
Prerequisites:
TechNow, Inc., a training company, was founded in 1990. TechNow celebrates 35 years of regularly scheduled commercial training delivery in 2025 and has evolved into a global training company that is dynamic and able to customize our training to meet the needs of our customers. Our focus is hands-on, skills-based hardware/software and security training for those who want stay current with today’s ever-changing technologies. We are a Pearson Vue Testing Center and have developed a proven testing program, including mobile testing, that ends with certification at the end of many of our courses. Our courses are taught by professional educators and experts in their respective fields and bring to the classroom a wealth of knowledge from the “real world”. Our customers include many Fortune 500 companies as well as the Department of Defense, Federal Government, and Intelligence Agencies.
At TechNow our goal is to help you achieve your goals and we strive for 100% customer service and satisfaction. TechNow‘s certification pass rate is the highest in the industry. Our web-site and our professional training advisors will assist you with selecting courses that help meet your organization’s objectives and the right career path to stay competitive in today’s market.
To learn more about TechNow or to schedule your training, call us at 800-324-2294.