Course Review: Digital Mobile Forensics Deep Dive
David Caissy, CISSP, GPEN, GSEC, CEH, PMP, B.Sc.A. Digital Mobile Forensics Deep Dive is a 3-day course written and taught by Wayne Burke of Sequrit. I decided to take this course to expend my knowledge into a field I barely knew. Being a penetration tester with a background in web application development, I was completely new to the forensic world. Since the official web site stated that this was a “highly advanced and technical course,” I honestly expected to be completely lost. I thought I would learn more from home after the class, trying to slowly digest what the instructor said. With the site also stating that “about 80% of the course is focused on practical REAL WORLD hands-on lab scenario exercises,” I decided to buy an airplane ticket and give it a try.
I received the lab requirements by email directly from the instructor, Wayne Burke. The email included the laptop specifications and software that had to be installed such as VMware Workstation. The instructor also mentioned needing Backtrack 5 and CAINE (Computer Aided INvestigative Environment) virtual machines. So I cleaned up some space on my laptop, downloaded what I needed and installed the two VMs. I was eager to start the class. Read on...
Book Review: The IDA Pro Book 2nd Ed
Review by Ryan Linn, CISSP, MCSE, GPEN It seems like yesterday that I was reviewing Chris Eagle's book, but in reality it's been 3 years. So when I had an opportunity to review The IDA Pro Book: The Unofficial Guide To The Worlds Most Popular Disassembler, 2nd Edition, I looked forward to seeing what had changed. And thus a change in the normal extensive EH-Net book review is in order and brevity is the word of the day.
A few things haven’t changed since my last review. I am still not a reverse engineer, although I occasionally use the tools clumsily for Capture The Flag (CTF) exercises. I’m not a professional programmer, although I can program and do so frequently. Although this isn’t material that I suspect I will master in the near future, this is material in which I have an interest. If you have basic programming skills, an interest in learning, and are willing to sit down and spend time with this material, you will definitely benefit from this book.
After the break, look for a link to a free download of Chapter 24: "The IDA Debugger."
Read on... New Cert Listing: CSTA - Certified Security Testing Associate
Exam Details:
Questions: 50Time: 60 Minutes
Passing Score: 50% - 80% (Distinction)
Format: Multiple choice
Cost: Included in Course
Renewal: None currently
Editors' Quick Thoughts
Here's a worthy up-and-comer for all of you budding pen testers. It's run and maintained by a UK company named 7Safe. It is a 4-day course that was recently updated (June 2011) and is poised to take on industry stalwarts like EC-Council and SANS. Offered in many countries by a variety of training companies, this certification follows the Microsoft model of licensing its courses and certs. Key highlight of this course is the lab environment on the provided computers during the class. Very well done with Windows & Linux machines customized to give you the feel of a pen test throughout the course. Now available in 6 countries including England and the US, this one is poised for steady growth and acceptance in the industry. For a full review and comparisons to other courses, see the EH-Net Review, An American Hacker in London.From the Horse's Mouth (7Safe's Web Site Content):
This 4-day ethical hacking training course is a hands-on journey into the hacking mindset, examining and practically applying the tools and techniques that hackers use to launch “infrastructure” attacks. Practical exercises reinforce theory as you experiment with a Windows 2008 domain (server and workstation) plus a Linux server. The course demonstrates hacking techniques - there’s no better way to understand attacks than by doing them yourself - but this is always done with defence in mind and countermeasures are discussed throughout. The course is therefore suited to system administrators, IT security officers and budding penetration testers. Read on...Stay Tuned:
- Product Review: Cloud-Based On Demand Penetration Testing by iViZ Security
- Oracle Web Hacking Part II by Chris Gates
- Course Review: eLearnSecurity Student
- Interviews with Courseware Developers and Instructors
- More Course & Book Reviews
Upcoming Events
DerbyCon 2011 Sept 30 - Oct 2
Rochester Security Summit 2011 Oct 4 - 5
Mobile & Smart Device Security Oct 4 - 5
ITAC 2011 Oct 4 - 6
Global AppSec Latin America 2011 Oct 4 - 7
IANS Southeast InfoSec Forum Oct 5 - 6
Secureworld Expo Detroit 2011 Oct 5 - 6
ToorCon 2011 Oct 5 - 9
BSidesPDX 2011 Oct 7
OWASP BASC 2011 Oct 8
HITBSecConf2011 – Malaysia Oct 10 - 13
RSA Conference Europe 2011 Oct 11 - 13
SANS NCIC 2011 Oct 11 - 14
SecTor 2011 Oct 17 - 19
BSidesMo 2011 Oct 21
Hack3rCon II Oct 21 - 23
Hacker Halted USA 2011 Oct 21 - 27
BSidesNewDelhi 2011 Oct 22 - 23
SANS Chicago 2011 Oct 23 - 28
BSidesKC 2011 Oct 26
Techno Forensics Conference 2011 Oct 31 - Nov 1
* Add your event to EH-Net's Global Calendar: events(at)ethicalhacker(.)net
Rochester Security Summit 2011 Oct 4 - 5
Mobile & Smart Device Security Oct 4 - 5
ITAC 2011 Oct 4 - 6
Global AppSec Latin America 2011 Oct 4 - 7
IANS Southeast InfoSec Forum Oct 5 - 6
Secureworld Expo Detroit 2011 Oct 5 - 6
ToorCon 2011 Oct 5 - 9
BSidesPDX 2011 Oct 7
OWASP BASC 2011 Oct 8
HITBSecConf2011 – Malaysia Oct 10 - 13
RSA Conference Europe 2011 Oct 11 - 13
SANS NCIC 2011 Oct 11 - 14
SecTor 2011 Oct 17 - 19
BSidesMo 2011 Oct 21
Hack3rCon II Oct 21 - 23
Hacker Halted USA 2011 Oct 21 - 27
BSidesNewDelhi 2011 Oct 22 - 23
SANS Chicago 2011 Oct 23 - 28
BSidesKC 2011 Oct 26
Techno Forensics Conference 2011 Oct 31 - Nov 1
* Add your event to EH-Net's Global Calendar: events(at)ethicalhacker(.)net
No comments:
Post a Comment