Short Course

Getting Started with Network Forensics

Name: Getting Started with Network Forensics
Brand: CodeRed
Rating: 5.0 (192 reviews)

How to detect network attacks with open sources and free tools, analyzing network traffic in a forensically manner.

5.0

from 192+ reviews

4 hr 30 m of video content

Beginner

Validation of Completion Included

Buy this course now

$59.99

Overview What You Will Learn Curriculum Instructor

Course Overview

Network Forensic analysis is a sub-domain in the broad spectrum of digital forensics used for retrospective analysis of networks to find pieces of evidence left behind following a cyberattack. It analyses network traffic to gather the information that could connect security teams to the threat actor, find vulnerabilities exploited to enter the network, and so on. It is a hard task because of your huge amount of data and the large number of protocols and tools currently available.

In the current scenario, most incidents involve technological devices that are connected to a local or external network, and for criminals to be identified, it is essential you know or has people in your organization capable of interpreting the traces left at a crime scene virtually. The course begins with a hands-on approach to the network of the theory taught in many schools, with the instructor explaining RFCs using Wireshark. Further, you will learn open-source tools to analyze some network attacks, like Security Onion, Wazuh, and Arkami. Finally, you will learn how to detect a Cobalt Strike attack.

Network Forensics also involves proactive monitoring and analysis of network traffic for anomalous behavior, intrusion detection, incident response, and vulnerability management. With increasing network traffic and network systems complexity, the need for network forensics is expected to continue to grow significantly.

The course aims to offer some techniques and tools so that the members of a blue team can analyze cyber incidents by finding the evidence left on the network by the attackers.

What You Will Learn

Learn different scan forms and how to detect it
Learn the fundamentals of network design, network forensics tools and best practice, and how to perform analysis on a variety of data
Get acquainted with the strategies to identify cobalt strike attacks using network forensics
Get hands on technologies to analyze a large amount of network data
Understand about Open-source tools to continuously monitor assets to collect network evidence

Program Curriculum

Demystifying the OSI Model with Wireshark
Analyzing IP and ICMP with Tcpdump
Analyzing ARP and DNS with Wireshark
Looking at TCP Sequence with Tcpdump and Tshark
Looking at UDP with Wireshark
Analyzing HTTP with Wireshark
$7 Million Cybersecurity Scholarship by EC-Council
Chapter 1 Quiz

Detecting Reconnaissance Attacks of Ping Sweeping
Detecting Nmap Scans with Wireshark
Detecting Man-in-the-middle with Wireshark
Detecting Brute-Force with Wireshark
Chapter 2 Quiz

Installation of Docker and sebp/elk
Ingesting FTP Logs Using Logstash
Detecting Attacks Against FTP Server Using Kibana
Upload and Analysis of evtx Logs Using ELK
Conclusion
Chapter 3 Quiz

Instructor

Nilson Sangy

Nilson Sangy is an Expert in Digital Forensics for Brazilian Federal Police over the last two years. His experience has been in computer forensics, mobile, network forensics, for the last five years. In information security, Nilson have been since 2009, when he was a military for Brazilian Army, acting as Communications Sergeant and after as First Lieutenant of IT Staff Officer. Sangy is a specialist at artifacts like windows files, linux logs, IPS logs, firewall logs, EDR and some antivirus too. In this year, he was responsible for cases like data leaks, ransomware infections, malware analysis, phishing and other. The author is Certified EC-Council Instructor since 2016. He provides training for the following certifications: Certified Network Defender – CND, EC-Council Certified Incident Handler – ECIH and Computer Hacking Forensic Investigator – CHFI.

Buy this course now

$59.99

Get Immediate access for one year today!

Upgrade to Pro Plans and Get Full Access Today!

Get this course, along with 900+ courses and 70+ learning paths and more in one subscription. Learn more

Unlock All Access

Plans start from $33/mo. Cancel anytime.

Join over 1 Million professionals from the most renowned Companies in the world!

Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world’s largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise,
access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Monthly Plans

Annual Plans

Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

^$ 69.00

Billed monthly or $599.00 billed annually

Get Started Now

Start your 7-day trial for $1

What is included

880+ Premium Short Courses
70+ Structured Learning Paths
Validation of Completion with all courses and learning paths
New Courses added every month

Early Access Offer

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

^$ 79.00

Billed monthly or $699.00 billed annually

Get Started Now

Start your 7-day trial for $1

Everything in Pro, Plus:

1600+ Hands-on lab exercises with guided instructions
150+ CTF Challenges with detailed walkthroughs
New Hands-on Labs and Challenges added every month

Related Courses

Short Course

Bootstrap 4 Quick Website Bootstrap Components Course

Software Development

Explore the basics of Bootstrap and learn to create a website in 4 easy steps

Explore the basics of Bootstrap and learn to create a website...

$49.99

Beginner

1 hr 30 m

Hello
Short Course

CCNA - Understanding Routers and Switches

Security Architecture and Operations

A comprehensive guide to understanding the in-depth functioning of routers and switches for the preparation of CCNA Exam.

A comprehensive guide to understanding the in-depth functioni...

$49.99

Intermediate

2 hr 0 m

Hello
Short Course

The Complete Full-Stack JavaScript Course

Software Development

Learn full-stack web development using JavaScript (ReactJS, NodeJS, LoopbackJS, Redux and Material-UI)!

Learn full-stack web development using JavaScript (ReactJS, N...

$79.99

Beginner

24 hr 17 m

Hello
Short Course

React.JS for Ecommerce: Building a Store with React.JS

DevSecOps

From React.js Fundamentals to Crafting an Online Storefront

From React.js Fundamentals to Crafting an Online Storefront

$49.99

Advanced

3 hr 30 m

Hello
Short Course

CISSP Certification Domains 5, 6, 7, and 8 Video Training

Cybersecurity

This course is ideal for individuals who desire to pass the Information Systems Security Professional CISSP Certification Exam and want to gain more insight and knowledge around IT, Information, and Cyber Security from a management/senior leader perspective.

This course is ideal for individuals who desire to pass the I...

$69.99

Intermediate

6 hr 30 m

Hello
Short Course

Helm 3 - Package Manager for Kubernetes

Software Development

A must tool for every DevOps engineer

A must tool for every DevOps engineer

$49.99

Intermediate

1 hr 27 m

Hello
Short Course

Learn Ethical Hacking by Hacking Real Websites Legally

Vulnerability Assessment and Pentesting

Fun way to learn ethical hacking by playing online hacking games - hacking real websites legally

Fun way to learn ethical hacking by playing online hacking ga...

$69.99

Beginner

4 hr 18 m

Hello
Short Course

Mastering Ansible Playbooks: Debugging and Security

Software Development

Securing and Automating Linux and Windows Systems with Advanced Ansible Playbooks

Securing and Automating Linux and Windows Systems with Advanc...

$99.99

Advanced

5 hr 34 m

Hello

1 50

View all