P-325: Python Programming

Course Overview:

This is an introductory course into the Python scripting language.  This class uses a hands-on approach in teaching the Python language.  This course builds the prerequisite skills for TechNow's P-345: Python for Pentration Testers course.  Getting comfortable with Python is important to understanding how Python can be utilitized for offensive measures.

This course is hands-on with the instructor walking the students through many short examples to exemplify an objective.  Dexterity with the language comes through many small code examples to produce the desired result.  Students have fun acquiring points for all the code examples they get correct.  We must be having fun because TechNow is always amazed at how competitive students are in trying to acquire the most points!  

The instructor will focus on the level that each student is currently at, and ensure the student absorbs the subject matter.  Programming is not a daily tasking of administrators or offensive operators and TechNow understands that.  As an instructor led course TechNow is very successful in making Python accessible to those who do not live eat and breath programming.  If a student's ultimate goal is to attend a course like TechNow's P-345: Python for Pentration Testers course, then not being bogged down in the Python language is critical, and this course (P-325: Python Programming) meets that objective.

Recently we have introduced Raspberry Pi's and multiple sensors to the P-325: Python Programming course.  This enables the student to actually see productive results from their coding skills in the physical world!  Some examples that students create programs for are: Motion detectors, distance, temperature, cameras and keypads.

Attendees to P-325: Python Programming will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • How Python Runs Programs
  • Introducing Python Object Types
    • Numeric Types
    • Dynamic Typing
  • Variables
  • Regular Expressions
  • Strings
  • Conditionals
    • if Tests and Syntax Rules
  • Lists and Dictionaries
  • Tuples and Files
  • Introducing Python Statements
  • Assignments, Expressions, and Prints
  • while and for Loops
  • Iterations and Comprehensions
  • Documentation
  • Function Basics
  • Built-In Functions
  • Scopes
  • Arguments
  • Modules
  • Module Packages and Importing
  • Classes and OOP
  • Operator Overloading
  • Recursion
  • Exception Coding Details
  • Exception Objects
  • Unicode and Byte Strings
  • Working with Raspberry Pi
    • Writing code for sensors

Prerequisites:

  • Experience with some form of programming is preferred

 

Comments

Latest comments from students

User: slewis8435

Instructor comments: Very good instructor - he was excited about the material, very knowledgeable, and explained things clearly.

Facilities comments: The facilities were fine - plenty of room for each student to set up an extra computer and have room for note taking

User: nathan.karras

Instructor comments: Instructor was extremely knowledgeable in programming and scripting. He encouraged students to explore and ask questions. He would work with individuals to troubleshoot lab problems sets. Would highly recommend as an instructor.

Facilities comments: Room got a little warn. Instructor purchased fans to cool things off for the class. Projector had over scan.

Liked the class?  Then let everyone know!

TN-999: Reverse Engineering Malware Course

Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Toolkit and Lab Assembly
  • Malware Code and Behavioral Analysis Fundamentals
  • Malicious Static and Dynamic Code Analysis
  • Collecting/Probing System and Network Activities
  • Analysis of Malicious Document Files
  • Analyzing Protected Executables
  • Analyzing Web-Based Malware
  • DLL Construction and API Hooking
  • Common Windows Malware Characteristics in x86 Assembly
  • Unpacking Protected Malware
  • In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
  • In-Depth Analysis of Malicious Executables
  • Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

  • Strong understanding of core systems and network concepts
  • Exposure to programming and assembly concepts
  • Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class?  Then let everyone know!

TN-575: Open Source Network Security Monitoring

 

Course Overview:

TN-575: Open Source Network Security Monitoring teaches students how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. No network is bullet proof and when attackers access your network, this course will show you how to build a security net to detect, contain, and control the attacker. Sensitive data can be monitored and deep packet and deep attachment analysis can be achieved. As organizations stand up a Security Operations Center (SOC) the enterprise NSM is the key ingredient to that SOC. This course not only teaches how to implement an NSM technologically, but how to effectively monitor an enterprise operationally. You will learn how to architect an NSM solution: where to deploy your NSM platforms and how to size them, stand-alone or distributed, and integration into packet analysis, interpret evidence, and integrate threat intelligence from external sources to identify sophisticated attackers. A properly implemented NSM is integral to incident response and provides the responders timely information to react to the incident. TN-575: Open Source Network Security Monitoring is a lab intensive environment with a cyber range that gives each student in-depth knowledge and practical experience monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls.

Attendees to TN-575: Open Source Network Security Monitoring class will receive TechNow approved course materials and expert instruction.

This Course is taught utilizing Security Onion or RockNSM as specified by the customer.

Dates/Locations:

No Events

Duration: 5 Days

Course Objective:

The focus of this course is to present a suite of Open Source security products integrated into a highly functional and scalable Network Security Monitoring solution.

Prerequisites:

Students should have a basic understanding of networks, TCP/IP and standard protocols such as DNS, HTTP, etc. Some Linux knowledge/experience is recommended, but not required

Course Outline:

  • Network Security Monitoring (NSM) Methodology
  • High Bandwidth Packet Capture Challenges
  • Installation of Security Onion
    • Use Cases (analysis, lab, stand-alone, distributed)
    • Resource Requirements
  • Configuration
    • Setup Phase I – Network Configuration
    • Setup Phase 2 – Service Configuration
    • Evaluation Mode vs. Configuration Mode
    • Verifying Services
  • Security Onion Architecture
    • Configuration Files and Folders
    • Network Interfaces
    • Docker Environment
    • Security Onion Containers
  • Overview of Security Onion Analyst Tools
    • Kibana
    • CapME
    • CyberChef
    • Squert
    • Sguil
    • NetworkMiner
  • Quick Review of Wireshark and Packet Analysis
    • Display and Capture Filters
    • Analyze and Statistics Menu Options
    • Analysis for Signatures
  • Analyzing Alerts
    • Replaying Traffic
    • 3 Primary Interfaces:
      • Squert
      • Sguil
      • Kibana
    • Pivoting Between Interfaces
    • Pivoting to Full Packet Capture
  • Snort and Surricata
    • Rule Syntax and Construction
    • Implementing Custom Rules
    • Implementing Whitelists and Blacklists
  • Hunting
    • Using Kibana to Slice and Dice Logs
    • Hunting Workflow with Kibana
  • Bro
    • Introduction and Overview
      • Architecture, Commands
    • Understanding and Examining Bro Logs
      • Using AWK, sort, uniq, and bro-cut
    • Working with traces/PCAPs
    • Bro Scripts Overview
      • Loading and Using Scripts
    • Bro Frameworks Overview
      • Bro File Analysis Framework FAF
    • Using Bro scripts to carve out more than files
  • RockNSM ( * If Applicable)
    •  Kafka
      • Installation and Configuration
      • Kafka Messaging
      • Brokers
      • Integration with Bro and FSF
    • File Scanning Framework FSF
      • Custom YARA Signatures
      • JSON Trees
      • Sub-Object Recursion
      • Bro and Suricata Integration
  • Elastic Stack
    • Adding new data sources in Logstash
    • Enriching data with Logstash
    • Automating with Elastalert
    • Building new Kibana dashboards
  • Production Deployment
    • Advanced Setup
    • Master vs Sensor
    • Node Types – Master, Forward, Heavy, Storage
    • Command Line Setup with sosetup.conf
    • Architectural Recommendations
    • Sensor Placement
    • Hardening
    • Administration
    • Maintenance
  • Tuning
    • Using PulledPork to Disable Rules
    • BPF’s to Filter Traffic
    • Spinning up Additional Snort / Suricata / Bro Workers to Handle Higher Traffic Loads

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-535: Certified Forensic Computer Examiner (CFCE)

CCFE Core Competencies

  • Procedures and Legal Issues
  • Computer Fundamentals
  • Partitioning Schemes
  • Data Recovery
  • Windows File Systems
  • Windows Artifacts
  • Report writing (Presentation of Finding)
  • Procedures and Legal issues
  1. Knowledge of search and subjection and rules for evidence as applicable to computer forensics.
  2. Ability to explain the on-scene action taken for evidence preservation.
  3. Ability to maintain and document an environment consolidating the computer forensics.
  • Computer Fundamentals
  1. Understand BIOS
  2. Computer hardware
  3. Understanding of numbering system (Binary, hexadecimal, bits, bytes).
  4. Knowledge of sectors, clusters, files.
  5. Understanding of logical and physical files.
  6. Understanding of logical and physical drives.
  • Partitioning schemes
  1. Identification of current partitioning schemes.
  2. Understanding of primary and extended partition.
  3. Knowledge of partitioning schemes and structures and system used by it.
  4. Knowledge of GUID and its application.
  • Windows file system
  1. Understanding of concepts of files.
  2. Understanding of FAT tables, root directory, subdirectory along with how they store data.
  3. Identification, examination, analyzation of NTFS master file table.
  4. Understanding of $MFT structure and how they store data.
  5. Understanding of Standard information, Filename, and data attributes.
  • Data Recovery
  1. Ability to validate forensic hardware, software, examination procedures.
  2. Email headers understanding.
  3. Ability to generate and validate forensically sterile media.
  4. Ability to generate and validate a forensic image of media.
  5. Understand hashing and hash sets.
  6. Understand file headers.
  7. Ability to extract file metadata from common file types.
  8. Understanding of file fragmentation.
  9. Ability to extract component files from compound files.
  10. Knowledge of encrypted files and strategies for recovery.
  11. Knowledge of Internet browser artifacts.
  12. Knowledge of search strategies for examining electronic
  • Windows Artifacts
  1. Understanding the purpose and structure of component files that create the windows registry.
  2. Identify and capability to extract the relevant data from the dead registry.
  3. Understand the importance of restore points and volume shadow copy services.
  4. Knowledge of the locations of common Windows artifacts.
  5. Ability to analyze recycle bin.
  6. Ability to analyze link files.
  7. Analyzing of logs
  8. Extract and view windows logs
  9. Ability to locate, mount and examine VHD files.
  10. Understand the Windows swap and hibernation files.
  • Report Writing (Presentation of findings)
  1. Ability to conclude things strongly based on examination observations.
  2. Able to report findings using industry standard technically accurate terminologies.
  3. Ability to explain the complex things in simple and easy terms so that non-technical people can understand clearly.
  4. Be able to consider legal boundaries when undertaking a forensic examination

AZ-900: Microsoft Azure Fundamentals

 

Course Overview:

This two-day course will provide foundational level knowledge on cloud concepts; core Azure services; security, privacy, compliance, and trust; and Azure pricing and support.

NOTE: This course provides an Azure pass and time for you to participate in hands-on labs. The content for this course aligns to AZ-900 exam objective domain

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to demonstrate cloud technologies and to effectively manage security in the cloud environment

Attendees to AZ-900: Microsoft Azure Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

Date/Time Event
01/20/2026 - 01/23/2026
08:00 -16:00 		AZ-900: Microsoft Azure Fundamentals
TechNow, Inc, San Antonio TX
04/07/2026 - 04/08/2026
08:00 -16:00 		AZ-900: Microsoft Azure Fundamentals
TechNow, Inc, San Antonio TX
08/03/2026 - 08/04/2026
08:00 -16:00 		AZ-900: Microsoft Azure Fundamentals
TechNow, Inc, San Antonio TX
11/09/2026 - 11/10/2026
08:00 -16:00 		AZ-900: Microsoft Azure Fundamentals
TechNow, Inc, San Antonio TX

Course Duration: 3 days

Course Outline:

  • Cloud Concepts
  • Core Azure Services
  • Security, Privacy, Compliance, And Trust
  • Azure Pricing and Support

Lab Objectives:

    • Create a virtual machine
    • Deploy Azure container instances
    • Create a virtual network
    • Create blob storage
    • Create a SQL database
    • Implement an Azure IoT Hub
    • Implement Azure Functions
    • Create a web app
    • Create a VM with a Template
    • Create a VM with PowerShell
    • Create a VM with CLI
    • Secure network traffic
    • Implement Azure key vault
    • Create an Azure Policy
    • Manage access with RBAC
    • Manage resource locks
    • Implement resource tagging
    • Exploring the Trust Center
    • Use the Azure Pricing Calculator
    • Use the Azure TCO Calculator
    • Open a Support request
    • Calculate composite SLAs
    • Access Azure Preview features

Prerequisites :

      • There are no prerequisites for taking this course. Technical IT experience is not required however some general IT knowledge or experience would be beneficial.
      • This course is suitable for IT personnel who are just beginning to work with Azure.
      • This course primarily uses the Azure portal to create services and does not require scripting skills.
      • Students in this course will gain confidence to take other role-based courses and certifications, such as Azure Administrator.
      • This course provides an Azure pass and optional lab environment.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!